Security vulnerabilities found within HealthCare.gov

Since the federal health insurance exchange website launched almost three months ago, there have been two high-risk security vulnerabilities, a top federal official told lawmakers.

Teresa Fryer, the chief information security officer for the Centers for Medicare a& Medicaid Services , testified about the security findings during a private meeting with the House Oversight Committee.

Although specific information about the security issues have been redacted from the transcript of Fryer's testimony, she said they represent "vulnerability in the system," ABC News reported.

Fryer also said one of the HealthCare.gov vulnerabilities was identified during testing in the last few weeks and was related to an incident reported in November. The other issue was found last week, reported CBS News.

The U.S. Department of Health & Human Services responded by saying one of the vulnerabilities was proven to be false. And the other issue involved a piece of software code that has since been fixed.

"There have been no successful security attacks on HealthCare.gov," HHS spokeswoman Joanne Peters said, adding that "no person or group has maliciously accessed personally identifiable information from the site."

Meanwhile, Mitre, an independent contractor that tests HealthCare.gov security, found 28 security vulnerabilities in October, including issues that could have allowed hackers to obtain consumers' personal information, reported The Washington Post.

To learn more:
- read the ABC News article
- see the CBS News article
- check out The Washington Post article

 

Suggested Articles

Provider groups and health systems are clamoring for HHS to provide direct assistance to cash-strapped hospitals now.

Kaiser Permanente is offering its members free access to Livongo's mental health app myStrength to help address increased stress and anxiety.

Zocdoc has added telehealth appointments to its platform in response to the spike in demand for virtual care.