Security concerns prompt supoena for Healthcare.gov data

U.S. House committee chairman orders QSSI to turn over contract and data on Healthcare.gov-related communications

By , Computerworld |  IT Management, affordable care act, HealthCare.gov

A U.S. House committee chairman, citing security concerns, today ordered a Healthcare.gov contractor to provide detailed information about its work on the project.

Rep. Darrell Issa, (R-Calif.), chairman of the Committee on Oversight and Government Reform chairman, Tuesday issued a subpoena for Quality Software Services Inc.'s contract with the U.S. Dept. of Health and Human Services (HHS) to work on the Affordable Care Act's (ACA) website.

The subpoena also orders QSSI to disclose how much it has been paid so far for its work on the project for the project, along with details about all Healthcare.gov-related internal communications and that between the company and workers at HHS and the White House.

Issa said he issued the subpoena after QSSI failed to voluntarily hand the information after it was asked for it by the committee last week.

QSSI did not respond to a request for comment on the subpoena.

"It is crucial that you provide information quickly because of the serious concerns about data security related to the lack of testing," Issa said in a letter sent to QSSI and 10 other Healthcare.gov contractors on October 23. "This lack of testing is concerning due to the amount of sensitive consumer information flowing through the data hub and exchanges."

QSSI is responsible for building Healthcare.gov's core Data Hub, which is designed to support ACA health exchanges. The hub is operated by the U.S. Centers for Medicare and Medicaid Services (CMS) and is designed to let healthcare marketplaces quickly verify the eligibility of individuals seeking insurance coverage.

Healthcare.gov's Data Hub doesn't store data, it's designed to connect insurance exchanges with federal databases at various government agencies, including the Social Security Administration, the Internal Revenue Service, the Dept. of Homeland Security and the Dept. of Veterans Affairs.

QSSI also oversees the testing of software code developed by other Healthcare.gov contractors and last week signed a contract to be the general contractor in charge of fixing glitches that have plagued the site since it went live on Oct. 1.

Issa said that QSSI's first-hand knowledge of the design and implementation of the Data Hub could help committee members better understand the decisions that went into building the website.

The subpoena is the latest sign of a growing unease over the security controls in Healthcare.gov. Though the site does not store much personal data, critics fear that it could nonetheless expose users to identity theft and other types of fraud.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is jvijayan@computerworld.com.

Read more about gov't legislation/regulation in Computerworld's Gov't Legislation/Regulation Topic Center.

Don't miss...


Arg! The 9 hardest things programmers have to do

The developer's guide to future car technology

5 ridiculous tech fees you're still paying

  Sign me up for ITworld's FREE daily newsletter!
Email: 
 


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

IT ManagementWhite Papers & Webcasts

Webcast On Demand

Transform Your IT Service Management

Sponsor: EasyVista

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness