Senate Republican leader Mitch McConnell on Monday called on the Obama administration to delay the Oct. 1 opening of exchanges where uninsured Americans will be able to buy health insurance until the U.S. government can guarantee the protection of people’s personal data.
The exchanges, a key element of the president’s signature 2010 healthcare law dubbed “Obamacare,” will be largely online.
In a letter to the Centers for Medicare & Medicaid Services (CMS), the agency taking the lead in implementing the law, McConnell said that “Americans should not be forced into the exchanges, and certainly not without these assurances” that personal and financial data will be safe from “hackers and cyber criminals.”
“If you rush to go forward without adequate safeguards in place,” McConnell added, “any theft of personal information from constituents will be the result of your rush to implement a law to meet the agency’s political needs and not the operational needs of the people it is supposed to serve.”
The law, which aims to reduce the number of uninsured Americans and cut U.S. healthcare costs, was passed three years ago over unified Republican opposition in Congress. Congressional Republicans have sought numerous times since then to repeal it or block certain aspects of it from being implemented.
Concerns about data security arose last week after the inspector general of the Department of Health and Human Services (HHS) issued a report saying CMS had missed several self-imposed deadlines for testing the security of the information technology that will power the insurance exchanges being set up in all 50 states and the District of Columbia. CMS is part of HHS.
As a result of the delays, a ruling by HHS’s chief information officer certifying the security of the federal information technology system, which every state has to use for its own exchange, will be pushed back to Sept. 30, a day before enrollment under the measure is due to start.
The delay in testing and certifying information technology security, experts said, could allow the exchanges to open with security flaws or force them to postpone when they begin to enroll people in health insurance.
On Friday, Oregon announced that individuals seeking to purchase health insurance on that state’s exchange would not be able to do so when it opens on Oct. 1 unless they use an agent or other individual who has been trained and given an account by the state. Cover Oregon, as the exchange is called, said the delay was not due to information technology issues alone but to overall concerns about the exchange’s ability to meet the expected surge of customers.
In his letter, McConnell cited the inspector general’s report, saying that “while I believe we ought to repeal this law and replace it with commonsense reforms that lower cost, Americans ought to be assured, at an absolute minimum, that their personal and financial data will be safe from data thieves.”
In order to buy insurance on a state exchange, people must submit personal information that is then checked against data held on servers at the Internal Revenue Service and other government agencies, including income history.
The concerns about data security center on the possibility that someone could access those databases through the federal data services hub, which is being created especially for Obamacare and will connect information from all the U.S. agencies needed for someone to purchase insurance.