GAO To Release HealthCare.gov Cybersecurity Report in 2015

April 24, 2015 in News

On Wednesday, a federal official told lawmakers that the Government Accountability Office later this year will release a report about various cybersecurity incidents that have affected HealthCare.gov, The Hill reports.

Speaking at a House Oversight Committee hearing, GAO’s Director of Information Security Issues Gregory Wilshusen hinted at several cybersecurity events related to HealthCare.gov but did not provide any details about the incidents.

Wilshusen said, “We presently have work ongoing, looking at both the security and privacy of the state-based insurance [exchanges], as well as looking at the incidents that have [been] identified for HealthCare.gov by [CMS].” He said GAO had “just recently received a list of the incidents” from CMS and is investigating them now.

According to The Hill, Wilshusen’s comments did not make clear whether hackers had successfully made their way into HealthCare.gov more than once. Federal officials in September 2014 acknowledged that hackers had gained access to one of HealthCare.gov’s outer servers. The officials said that no personal user data had been breached (Viebeck, The Hill, 4/22).

Calculation Error Causes Thousands To Receive Incorrect ACA Subsidy

Meanwhile, a glitch on HealthCare.gov might have caused thousands of families with a parent who is disabled or has died to receive lower subsidies to help them purchase exchange coverage than for which they were, Kaiser Health News reports. Further, some U.S. residents who should have been eligible for Medicaid might have been unable to sign up for the program because of the error.

Over the course of several months, people helping U.S. residents purchase Affordable Care Act coverage through HealthCare.gov noticed that the site appeared to be making a mistake in calculating family income, which determines subsidy amounts and Medicaid eligibility.

The calculation issues appeared in cases in which children received Social Security income, typically because a parent has a disability or has died. The government’s calculation of modified adjusted gross income included the child’s Social Security income. Such income should be included only in cases when the child has to file his or her own tax return; children receiving only Social Security benefits typically are not required to do so. The added Social Security income inflated family income, making it so some Medicaid-eligible individuals could have been wrongly denied coverage while others received a lower subsidy than for which they were actually eligible.

CMS acknowledged the error in March but has not released an estimate of the number of families affected. Tricia Brooks, a senior fellow at the Georgetown University Center for Children and Families, estimated about 40,000 households might have been affected.

CMS has recommended that assisters help consumers address the issue by submitting an appeal to the federal exchange or applying for Medicaid coverage through their state or HealthCare.gov.

Brooks said federal officials should perform a computer search to find affected families and ensure they are enrolled in the appropriate coverage option with the correct financial assistance (Andrews, Kaiser Health News, 4/24).

Be the first to like.
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/BoCy1ZpzRE4/gao-to-release-healthcaregov-cybersecurity-report-in-2015

Be Sociable, Share!
Bookmark and Share

Leave a reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>