Security politics

The following editorial appeared recently in the Washington Post.

Republicans this week plan to put yet another criticism of the Affordable Care Act front-and-center on the House floor. It is another political weapon, but if treated seriously, this one could lead to useful reform.

For the past several weeks, Republicans have claimed that the Web site HealthCare.gov and the systems behind it may not be secure enough to keep Americans' personally identifying information safe. They have selectively released evidence they collected through their oversight efforts to make it seem as though the site has major security vulnerabilities. In response, Democrats presented selective evidence of their own. The Department of Health and Human Services (HHS), meanwhile, reported that "there have been no successful security attacks on HealthCare.gov, and no person or group has maliciously accessed personally identifiable information from the site." The administration also said that the site is fully compliant with federal security standards.

That's presumably true, but those standards could use some upgrading. HealthCare.gov no doubt has some vulnerabilities, as do many other sites. Data breaches of well-protected government - and, for that matter, private - systems containing sensitive information indicate that HealthCare.gov would hardly be unique in this regard, even if it is a uniquely tempting political target. ACA sites don't collect the breadth of sensitive personal data that other federal systems, such as Medicare's, do.

The House Republicans' bill would require the government to notify victims of any illegal security breach in the ACA's systems within two business days. If that makes sense for HealthCare.gov, though, why not require the same of other sensitive federal systems, too? If Republicans want to pass useful policy, rather than simply throw another bomb at the ACA, they should detach their proposal from anti-Obamacare politics and vote on a broader federal transparency requirement, or even renew their push for more ambitious federal cybersecurity reforms.

It would be unfortunate, though, if Republicans succeeded in scaring Americans away from enrolling in health-insurance plans, undoubtedly a goal for some. Many uninsured Americans, in particular, have a lot more to gain than lose from logging into HealthCare.gov and signing up.

The editorial board is composed of the publisher and four journalists of varied editing and reporting backgrounds. The board's discussions and information gained from its meetings with political, civic, and business leaders drive the institutional voice of The Day, as expressed in its editorials. The editorial department operates separately from the newsroom.

READER COMMENTS

Loading comments...
Hide Comments