Rob Douglas: Udall’s Affordable Care Act security concerns
November 7, 2013
On Wednesday, while folks in Routt County were absorbing Tuesday's election results, Sens. Mark Udall and Michael Bennet were in a private meeting with President Barack Obama at the White House.
Udall and Bennet — along with 14 other Senate Democrats whose political fortunes in 2014 are closely tied to the Affordable Care Act — were vocalizing their concerns about a range of problems arising from the rollout of the law.
On Thursday, the angst that drove Udall and Bennet to the White House must have grown when they saw The Denver Post headline, "Nearly 250,000 Colorado health policies canceled, many from Obamacare."
According to the Post, "Insurance companies are canceling health policies for nearly 250,000 Coloradans, many because of Affordable Care Act rules, a tally likely to inflame consumers upset with controversial reforms. … Only 3,408 Coloradans have enrolled in the private insurance plans offered on a new state exchange, the conservative advocacy group Compass Colorado said."
With the Post pointing out, "Consumer advocates who welcome health reform said it will take time to decipher whether the cancellations represent disaster or simply transition," it's worth noting Udall and Bennet signed a letter in October calling on Obama to extend the new health care law's enrollment period.
"Given the existing problems with healthcare.gov and other state-run marketplace websites that depend on the federally administered website, we urge you to consider extending open enrollment beyond the current end date of March 31, 2014. Extending this period will give consumers critical time in which to become familiar with the website and choose a plan that is best for them. Individuals should not be penalized for lack of coverage if they are unable to purchase health insurance due to technical problems."
Recommended Stories For You
With that background, let's circle back to Wednesday's White House meeting and the less publicized concern Udall left on Obama's doorstep.
After leaving the White House and reiterating his call for Obama to extend the enrollment period, Udall added, "I also told the president that, for the Affordable Care Act to succeed, consumers need to be confident their personal information is secure. We need to do everything in our power to protect the online marketplace from hackers and cyberattacks."
Fleshing out his statement, Udall sent a letter to U.S. Health and Human Services Secretary Kathleen Sebelius. After pointing out that "reasonable concerns" repeatedly have been raised about security testing of the "federal data services hub" and the new online health insurance marketplaces, Udall wrote:
"While Administrator (Marilyn) Tavenner testified on Nov. 5, 2013, that the datahub seems to be working adequately and safely, alarming stories have emerged explaining the ease with which a low-skilled hacker with bad intentions could intercept Americans' personal information on the new health system. For example, a software tester from Arizona found that a hacker could potentially commandeer a consumer's account, change the password, uncover the personal security responses and locate the consumer's email address.
"I was happy to learn that this security lapse was swiftly identified and corrected. Security breaches such as this negatively impact the confidence that Coloradans and all Americans may have in the overall protection of their personal information."
On Thursday, I asked Mike Saccone, Udall's communications director, whether questions about the security of the federal data hub constitute another reason to delay the enrollment deadline. Saccone said Udall wants to be "doubly sure personal information is protected," but he doesn't think a delay is warranted at this point based on security alone. Saccone said Udall "flagged this privacy concern," but his current call for a delay is based on the technical issues that have prevented Americans from accessing the federal health care website.
As to the length of the delay, Saccone said, Udall wants to wait until the "technical problems with http://www.healthcare.gov are fixed" before taking a definitive position.
Having worked with Congress on threats to personal information maintained in private and public databases, I find it encouraging that Udall, who has shown leadership on other privacy issues, is focused on the security aspects of the new law.
Given the scope of the threats posed by hackers and identity thieves, Udall should make certain the federal data hub truly is secure before agreeing to the enforcement of any enrollment period on Coloradans.
To reach Rob Douglas, email rdouglas@SteamboatToday.com.