”To date, there is no evidence that a...
"To date, there is no evidence that a person or group has maliciously accessed personally-identifiable information (PII) from the [Healthcare.gov] site,” Centers for Medicare and Medicaid Services (CMS) Administrator Marilyn Tavenner said Thursday before the House Oversight and Government Reform…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Committee, in her prepared remarks (http://1.usa.gov/1rgcz9m). The committee was probing Tavenner following government confirmation that Healthcare.gov had been breached (WID Sept 8 p8). When designing Healthcare.gov, CMS created the Federal Data Services Hub (the Hub) “that provides an electronic connection between the eligibility systems of the Marketplaces to already existing, secure Federal and state databases to verify the information a consumer provides in their Marketplace application,” said Tavenner. The Hub doesn’t retain personally identifiable information and frees each state’s marketplace from setting up “separate data connections to each database,” she said. Tavenner also touted CMS’s ongoing security monitoring -- penetration testing, continuous monitoring and mitigation strategies. “In addition to daily operational security testing, a comprehensive end-to-end security control assessment that meets industry standards will be conducted by independent assessors next month,” she said. “This security control assessment will test security for open enrollment and plan year functionality.” House Oversight and Government Reform Committee Chairman Darrell Issa, R-Calif., Wednesday released a report criticizing the security testing of Heathcare.gov before the website’s launch (http://1.usa.gov/1mbVvkt).