September 11, 2013 / 4:27 PM / 4 years ago

Federal data system for Obamacare exchanges gets security OK

Sept 11 (Reuters) - The data system supporting President Barack Obama's healthcare reform law has been tested and certified as secure for millions of Americans who will seek health coverage beginning on Oct. 1, meeting a critical deadline for launching the program, the administration said on Wednesday.

Concerns over whether consumer information would be secure in time were raised last month, when a government report said it could take until Sept. 30 to sign off on the system's data protections, leaving little room for error before Obamacare is due to go live.

The Centers for Medicare & Medicaid Services (CMS), part of the U.S. Department of Health and Human Services, said on Wednesday that the federal data system used to determine eligibility for government subsidies for this new healthcare was ready to go.

The news came as officials from HHS were due to testify on the security of the system, called the Hub, before a Republican-led subcommittee on cybersecurity in the House of Representatives.

Last month, the HHS inspector general said in a report that missed deadlines this summer had pushed back the critical security testing. In particular, the date for CMS to certify that the Hub met requirements for information technology security was moved to Sept. 30 from Sept. 4.

IT security is a concern because the health exchanges that will sell insurance plans to individuals under the new program need various federal agencies to communicate on sensitive information about applicants, such as social security numbers, through the Hub.

CMS, which will be overseeing the health exchanges, said on Wednesday in a statement that the IT-security authorization had occurred on Sept. 6.

"The completion of this testing confirms that the Hub complies with federal standards and that HHS and CMS have implemented the appropriate procedures and safeguards necessary for the Hub to operate securely on October 1," CMS said.

Security requirements for the Hub, which is being built by an outside contractor, include access controls and authentication to help prevent hackers from viewing personal information such as tax records.

0 : 0
  • narrow-browser-and-phone
  • medium-browser-and-portrait-tablet
  • landscape-tablet
  • medium-wide-browser
  • wide-browser-and-larger
  • medium-browser-and-landscape-tablet
  • medium-wide-browser-and-larger
  • above-phone
  • portrait-tablet-and-above
  • above-portrait-tablet
  • landscape-tablet-and-above
  • landscape-tablet-and-medium-wide-browser
  • portrait-tablet-and-below
  • landscape-tablet-and-below