The House Oversight and Government Reform Subcommittee on Energy Policy, Health Care and Entitlements expressed concerns over security systems that will accompany the healthcare insurance marketplaces in October. The committee is referencing the marketplaces extensive data hubs, but according to the Obama administration, the hubs will not contain customers’ personal data.
Centers for Medicare and Medicaid Services (CMS) Administrator Marilyn Tavenner told lawmakers that the hub is a routing tool, not a database, and also noted that the application for insurance in the marketplaces does not ask for personal health information. The marketplace IT system will not access or store health information beyond what is routinely used when someone applies for Medicaid, for example. Further, the deputy chief information officer at CMS emphasized that data would only be stores in the hub for a matter of minutes.
The concerns of committee members also extended to how the administration is setting up and testing the hub before it goes live. While the Department of the Treasury is testing the hubs, Alan Duncan, assistant inspector general for security and information technology services, expressed some concerns that the final round of testing would not be done by the launch date of October 1, 2013.
Committee Chairman Darrell Issa (R-CA) also questioned a CMS contract with a British company, the Serco Group, to help handle applications for health coverage in the federally run exchanges. The group is being investigated by the British government in connection with its billing practices, and Issa said the Federal Bureau of Investigation found that the company’s computer system has been hacked, putting Social Security numbers at risk.
The full article is available via CQ here.