(Bloomberg) -- A computer system underpinning the U.S. health care overhaul has completed security testing and is ready to go, the federal government says.
The update may ease concerns that the network might not be functional when the uninsured begin shopping for coverage on Oct. 1. The computer hub, a frequent target of Republicans, is designed to route data on customers using new insurance exchanges from seven federal agencies including the Internal Revenue Service and Social Security Administration.
“After over two years of work, it is built and ready for operation, and we have completed security testing and certification to operate,” U.S. Chief Technology Officer Todd Park says in an e-mail from a spokesman for the Centers for Medicare and Medicaid Services.
The system will enable the marketplaces to provide “accurate and timely eligibility determinations,” Park says. The inspector general for the Department of Health and Human Services, which built the system, said last month that testing had fallen behind schedule and might not be completed until Sept. 30.
Congressional Republicans have questioned whether the hub presents a security risk because of the amount of sensitive data it will handle. The system will use the databases of the IRS and the other federal agencies to confirm information about Americans’ income, citizenship and insurance coverage when they apply for plans through the exchanges.
The Obama administration has defended its ability to keep the hub secure. The Centers for Medicare and Medicaid Services, which will run it, has long experience securing personal data under Medicare, the health program for the elderly. The hub itself won’t store any data, officials have said.
“The hub and its associated systems have several layers of protection in place to mitigate information security risk,” the Medicare agency says in a fact sheet released Wednesday. Health exchanges will use a “continuous monitoring model” to quickly identify and react to “irregular behavior and unauthorized system changes” on their networks, the agency says.
The hub was authorized to operate last Friday, according to the fact sheet. The network is subject to the 1974 Privacy Act, the 1987 Computer Security Act and the 2002 Federal Information Security Management Act. It operates under rules set up by the Office of Management and Budget, Homeland Security Department and the National Institute of Standards and Technology, the fact sheet shows.
Register or login for access to this item and much more
All Employee Benefit News content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access