10.23.2013 1

Is your data on Healthcare.gov secure?


By Tom Toth

It’s been well-documented that the Obamacare enrollment site Healthcare.gov has been a massive technological failure following its October 1 launch.

The site has quickly become the brunt-end of joking and scorn amongst political pundits and tech savvy webmasters. Many commentators have alluded to the site’s problems and difficulties as a foreshadow of the eventual failure of the Affordable Care Act itself. It appears that many see the site is serving not as a healthcare marketplace but as an easy punching bag for conservatives looking to give a blow to Obamacare and its supporters.

While the website’s failure has indeed been embarrassing for the administration, the site’s performance shouldn’t be our main concern. The website is an extreme security risk for Americans.

Before anyone began designing Healthcare.gov, the U.S. Department of Health and Human Services consolidated data from seven federal agencies into one database to be used by the website for quick identification of applicants.

This so-called “marketplace” may be the single-largest collection of sensitive information ever collected in a single location, classified NSA databases notwithstanding. Linking data from the IRS, the Department of Homeland Security, Social Security Administration, the Department of Health and Human Services’ new healthcare information database, along with several other agencies’ databases, Healthcare.gov serves as an easy target for hackers look to access Americans’ sensitive information.

These data sources contain social security numbers, extensive health records, foreign travel records, and personal tax histories. Healthcare.gov is a one-stop shop for anyone looking to profit from stealing information. Worse yet, it could potentially affect the lives of hundreds of millions of Americans if massive amounts of personal information were disseminated to the Internet from a single location.

The national and global security risks resulting from WikiLeaks and hacker group Anonymous have recently demonstrated the dangers of mass digital data collection. What’s to prevent another Edward Snowden with internal access to the database from collecting and distributing massive amounts of sensitive information over the web?

In the last few years alone, the CIA’s website and major banks such as Chase and Citigroup have been hacked and sensitive information stolen.

Can the information assurance for Healthcare.gov be definitively better than the nation’s Central Intelligence Agency, the NSA, or a global banking giant?

Considering that the site wasn’t tested or robust enough to handle web traffic now, three weeks after launching, placing any confidence in the site’s security features would be difficult at this stage.

Tom Toth is the Social Media Director for Americans for Limited Government.

Copyright © 2008-2023 Americans for Limited Government