Feds Upgrade HealthCare.gov Cybersecurity Capabilities
November 7, 2014 in News
Federal officials have enhanced HealthCare.gov’s cybersecurity capabilities in advance of the upcoming open enrollment period, which begins Nov. 15, the AP/Washington Times reports (AP/Washington Times, 11/6).
Last month, HHS officials announced that a hacker in July breached part of the federal health insurance exchange website and uploaded malicious software. Investigators found no evidence that enrollees’ personal data were taken in the attack, which an HHS official said appeared to be the first successful breach of the website (iHealthBeat, 9/5).
Cybersecurity Upgrade Details
According to federal officials, cybersecurity upgrades for HealthCare.gov include:
- Certifying that the facility hosting the federal insurance exchange meets the government’s cloud computing standards;
- Conducting daily cybersecurity scans and weekly “white-hat” hacking simulations; and
- Improving the site’s ability to detect and defend against cyberattacks, with help from the Department of Homeland Security (AP/Washington Times, 11/6).
Additional Preparations Underway
Meanwhile, HealthCare.gov CEO Kevin Counihan and other officials are taking additional steps to avoid the technical failures that plagued the federal insurance exchange during the initial open enrollment period, the Wall Street Journal reports.
According to the Journal, challenges still facing HealthCare.gov include:
- Back-end portions of the website that are not yet built; and
- Potential capacity issues, as the website might have to handle nearly double the number of users as the first open enrollment period.
In response, the new management team directed by HHS Secretary Sylvia Mathews Burwell has been carrying out more tests on HealthCare.gov and implementing other improvements in advance of the upcoming open enrollment period, including changing the site’s Web host, the Journal reports.
However, Counihan has attempted to hold expectations for Healthcare.gov in check. He noted that the site likely will have some flaws and that his goal is to have it function more like a “well-running Ford … than a flashy Maserati,” according to the Journal.
According to CMS Principal Deputy Administrator Andy Slavitt, Counihan also has taken additional steps to improve the site over the long term, including assigning a team to prepare HealthCare.gov for the 2016 open enrollment period.
Meanwhile, President Obama at a press conference on Wednesday said that HealthCare.gov’s “screw-ups” during last year’s initial open enrollment period might have led to fewer individuals enrolling in coverage. He said, “We’re really making sure the website works super well before the next open enrollment period,” adding, “We’re double and triple checking it” (Armour/Radnofsky, Wall Street Journal, 11/7).