HEALTHCARE.GOV: Information Security and Privacy Controls Should Be Enhanced to Address Weaknesses

Abstract

PPACA requires the establishment of health insurance marketplaces in each state to assist individuals in comparing, selecting, and enrolling in health plans offered by participating issuers. CMS is responsible for overseeing these marketplaces, including establishing a federally facilitated marketplace instates that do not establish their own. These marketplaces are supported by an array of IT systems, including Healthcare.gov, the website that serves as the consumer portal to the marketplace. This statement is based on two September 2014 reports examining the security and privacy of the Healthcare.gov website and related systems. The specific objectives of this work were to (1) describe the planned exchanges of information between the Healthcare.gov website and other organizations and (2) assess the effectiveness of programs and controls implemented by CMS to protect the security and privacy of the information and IT systems supporting Healthcare.gov.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 18, 2014
Accession Number
AD1176090

Entities

People

  • Gregory C. Wilshusen

Organizations

  • United States Government Accountability Office

Tags

Communities of Interest

  • Biomedical
  • Cyber

DTIC Thesaurus Topics

  • Accountability
  • Business Administration
  • Configuration Management
  • Congress
  • Contractors
  • Department Of Defense
  • Department Of Homeland Security
  • Department Of Veterans Affairs
  • Electronic Mail
  • Employment
  • Financial Management
  • Governments
  • Identity Management Systems
  • Information Security
  • Information Systems
  • Law
  • Management Personnel
  • National Governments
  • Organizational Structure
  • Personnel Management
  • Security
  • Social Media
  • United States Government

Readers

  • Cybersecurity.
  • Government Contracting/Procurement.
  • Immunology and Pathology