After CMS breach, health care exchange portal is back online

CMS says it can now confirm that no protected health information was exposed.
(Getty Images)

The Center for Medicare and Medicaid Services announced Friday morning that the Direct Enrollment pathway for agents and brokers, the subject of a breach that exposed the files of an estimated 75,000 individuals, is patched and back online.

The Direct Enrollment pathway for agents and brokers is a tool that allows insurance professionals to help individuals apply for health coverage through the Federally Facilitated Exchanges. The pathway was shut down “out of an abundance of caution” last week. The breach did not impact portals where individuals go to apply on their own behalf, such as

CMS says it is continuing to “assess” exactly what information was accessed during the breach, “but can now confirm that no banking, federal tax information (FTI), or protected health information (PHI) was exposed.”

Affected individuals will receive notice once the assessment has been completed, the agency said in an email, and will be able to register for free credit protection and identity monitoring services.


With this Direct Enrollment portal operational once again, all pathways to enrollment are active in time for open enrollment for 2019, which begins Nov. 1.

Latest Podcasts