CMS reported a data breach on the 13th of October 2018, around 75,000 individual records were affected. This attack took place through the ACA Agent and Broker Portal, since the unfortunate event the portal was disabled to prevent further damage. However, now the access to the portal has been restored but the possibility of another attack makes the current security status of the portal, quite questionable. Days before the open enrollment was set to take place, such a devastating intrusion struck the portal.
Center for Medicare & Medicaid service had launched this portal, in order to motivate brokers’ to facilitate the signup of customers; for the purpose of insurance coverage under the Affordable Care Act. The budget set aside for this program has already been reduced from $63 million to a mere $10 million. Based on AJMC.com’s article, the government has passed a statement that the program is not as cost-effective as it should be. Similarly, administrator Seema Verma had stated that there would be no hindrance in the process of enrollment and consumers can continue with the program.
The investigation as to why did the breach happen in the first place is currently underway. A similar incident took place in the year 2015. The insurance company known as Anthem experienced a major data breach which affected as much as 80 million users in the U.S. Information on HIV/AIDS prescription drugs along with the names of the users was compromised. Just a week before the ACA portal breach, Anthem settled the lawsuit with a $16 million payment against the violations.
According to an article by healthcarefinancenews.com, based on the current situation of the attack, CMS has stated that it would take proper action against future attacks and formulate new security policies for the preemptive measures to be set in place. The healthcare industry has become prone to such cyber-attacks, for instance, the “WannaCry” attack which affected healthcare systems worldwide; especially UK’s National Health System. Organizations need to invest in industry grade security measures in order to maintain a strong footing against such cyber-attacks.
More Stories
The Future of Radiology Information System
How To Buy EHR Software in 6 Steps
Information security guide for small healthcare businesses