Security concerns prompt subpoena for HealthCare.gov data

A U.S. House committee chairman, citing security concerns, today ordered a HealthCare.gov contractor to provide detailed information about its work on the project.

Rep. Darrell Issa (R-Calif.), chairman of the Committee on Oversight and Government Reform chairman, Tuesday issued a subpoena for Quality Software Services Inc.’s contract with the U.S. Dept. of Health and Human Services (HHS) to work on the Affordable Care Act’s (ACA) website.

[ Also on InfoWorld: How federal cronies built — and botched — HealthCare.gov. | For a quick, smart take on the news you’ll be talking about, check out InfoWorld TechBrief — subscribe today. ]

The subpoena also orders QSSI to disclose how much it has been paid so far for its work on the project for the project, along with details about all HealthCare.gov-related internal communications and that between the company and workers at HHS and the White House.

Issa said he issued the subpoena after QSSI failed to voluntarily hand the information after it was asked for it by the committee last week.

QSSI did not respond to a request for comment on the subpoena.

“It is crucial that you provide information quickly because of the serious concerns about data security related to the lack of testing,” Issa said in a letter sent to QSSI and 10 other HealthCare.gov contractors on October 23. “This lack of testing is concerning due to the amount of sensitive consumer information flowing through the data hub and exchanges.”

QSSI is responsible for building HealthCare.gov’s core Data Hub, which is designed to support ACA health exchanges. The hub is operated by the U.S. Centers for Medicare and Medicaid Services (CMS) and is designed to let health care marketplaces quickly verify the eligibility of individuals seeking insurance coverage.

HealthCare.gov’s Data Hub doesn’t store data, but it’s designed to connect insurance exchanges with federal databases at various government agencies, including the Social Security Administration, the Internal Revenue Service, the Dept. of Homeland Security, and the Dept. of Veterans Affairs.

QSSI also oversees the testing of software code developed by other HealthCare.gov contractors and last week signed a contract to be the general contractor in charge of fixing glitches that have plagued the site since it went live on Oct. 1.

Issa said that QSSI’s firsthand knowledge of the design and implementation of the Data Hub could help committee members better understand the decisions that went into building the website.

The subpoena is the latest sign of a growing unease over the security controls in HealthCare.gov. Though the site does not store much personal data, critics fear that it could nonetheless expose users to identity theft and other types of fraud.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar’s RSS feed. His email address is jvijayan@computerworld.com.

Read more about gov’t legislation/regulation in Computerworld’s Gov’t Legislation/Regulation Topic Center.

Source: http://www.infoworld.com/t/federal-regulations/security-concerns-prompt-subpoena-healthcaregov-data-229751
Category: world series   eric decker   Dancing With the Stars 2013   Scott Eastwood   bay bridge  

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s