But a new CBS News analysis shows that “even when the website works, it may not be secure enough to protect privacy.” The report found that “the deadline for final security plans slipped three times from May 6 to July 16. Security assessments to be finished June 7 slid to August 16 and then August 23. The final, required top-to-bottom security tests never got done.”
Never got done? How can that happen? Last week, before CBS News even revealed that “security tests never got done,” the Associated Press disclosed a government memo revealing the “high” security risk for HealthCare.gov.
“Nothing can undermine public confidence more than the fear of a security and privacy breach. You could have somebody hack into the system, get your Social Security number, get your financial information,” Georgetown Law professor Lawrence Gostin told CBS News.
Think it can’t happen? Remember that the HealthCare.gov website requests your personal data like birth date and Social Security number. The data is shared with the IRS, Social Security Administration, and for military personnel, even the Department of Veterans Affairs. Healthcare.gov been accused of violating its own privacy policies. Further, they admitted there was a high degree of risk when they offered the website to go public — yet never told anybody.
U.S. Rep Mike Rogers (R-MI) pointed out that “they said that they think the risk was acceptable. But their information wasn’t at risk, American people’s information was at risk.”
Rogers noted that the administration’s attempts to fix the website while it is running is like “trying to change a tire on a car going 70 miles an hour down the expressway. They need to take the site down.”
What do you think? Should Healthcare.gov be taken down until every American’s privacy can be ensured or do you think the level of security is adequate? Join our discussion on Facebook and let us know what you think.