Industry Updates

Data Breach Affects Federal Healthcare System

You probably haven’t heard of the Centers for Medicare and Medicaid Systems.

They’re a low-profile division of the Department of Health and Human Services responsible for administering the Affordable Care Act.

Recently, the company announced that they detected anomalous activity in the systems related to the healthcare.gov website that brokers and insurance agents use to assist people who apply for healthcare coverage.

The abnormal activity was detected in the Federally Facilitated Exchange system, and the direct enrollment pathway in particular.  This is connected to (but separate from) the healthcare.gov website itself.

A statement issued by the Centers for Medicare and Medicaid Systems said:

“At this time, we believe that approximately 75,000 individuals’ files were accessed.  While this is a small fraction of the consumer records present on the FFE, any breach of our system is unacceptable… We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information.”

CMS made it clear that their investigation into the matter was still in its earliest stages.

They did offer the following additional information:

“Upon verification of the breach, CMS took immediate steps to secure the system and consumer information, further investigate the incident, and subsequently notify federal law enforcement.  We are actively engaged in and committed to helping those potentially impacted as well as ensuring the protection of consumer information.”

Additionally, CMS stated that they identified the broker accounts that were associated with the anomalous activity and deactivated them out of an abundance of caution.

At some point in the near future, we can expect that CMS will be contacting those whose data was compromised and providing them with a series of next steps. The agency is already moving to bolster their security measures and promises that they’ll have them in place before the end of October 2018.

If you’ve used the healthcare.gov portal and required the assistance of a broker or insurance agent to get coverage for yourself and your family, there is a small chance your data may have been compromised. However, at this point, there’s no way to be certain.  Be on the lookout for a communication from CMS in the near future, however, just in case.