WASHINGTON
The Obama administration is urging its supporters to make the most of the holidays — by turning family dinners and other social gatherings into platforms for boosting enrollment in ObamaCare.
Supporters can even log on to a website for talking points that can help them push loved ones to sign up for health insurance through HealthCare.gov.
If you find yourself being pressured at the dinner table to “sign up now,” consider the risks before going online.
HealthCare.gov debuted Oct. 1 and, overnight, became the new poster child for government ineptitude. From its propensity to crash to its security problems and bureaucratic inefficiencies, it provided a seemingly inexhaustible supply of material for late-night comedians.
But the site is no laughing matter. It is a security nightmare, leaving users' personal information vulnerable to hackers and others. And that vulnerability appears to be open-ended.
In late October, a North Carolina man discovered a security breach: The site allowed him to access a stranger's enrollment and subsidy information. The user contacted the Department of Health and Human Services about the breach and asked it to remove his account from the site to protect his own information. After weeks of waiting, his information account was finally deleted in mid-November.
When it comes to security, state health exchange sites haven't fared much better. Officials at CoverOregon, Oregon's health exchange, are reviewing their privacy protections after workers there committed three personal data breaches in three days. Vermont officials overseeing the state's health exchange website confirmed a security breach there that gave one user improper access to another's Social Security number and other data.
Two months after HealthCare.gov's disastrous debut, the administration claimed the site had made “dramatic progress” and was, essentially, “fixed.” But those assurances addressed only the site's ability to handle more traffic without going into cardiac arrest. Notably missing is any metric addressing security.
On Nov. 19, four IT experts testified before the House Committee on Science, Space and Technology. All agreed that HealthCare.gov was a security nightmare that presented unacceptable risks to users. One went so far as to dub the website “IdentityTheft.gov.”
Since then, the administration once again has pronounced the website “fixed.” Unfortunately, it “doesn't appear that any security fixes were done at all,” says David Kennedy, CEO of the online security firm TrustedSec.
Indeed, Kennedy told The Washington Free Beacon, the “fixes” made to increase the site's capacity may have left the site even less secure.
And the website isn't the only source of security concerns over the ObamaCare enrollment process. ObamaCare navigators — nearly 50,000 people contracted by the government to help consumers wade through the insurance process — never had to undergo background checks. Folks who disclose their financial and medical information to navigators during the sigh-up process may leave themselves wide open to fraud and identity theft.
Whether flying solo on HealthCare.gov or enlisting the aid of a navigator, the security risks of signing up for ObamaCare remain sky high. All Americans — especially the young — might want to hold off for a while. Why take a chance on the half-baked HealthCare.gov?
Tim McGovern is the director of marketing technology at The Heritage Foundation.
