In the months following the flawed rollout of healthcare.gov, security of the website and its data became the subjects of several congressional hearings. Now, more than seven months later, Rep. Lamar Smith, R-Texas, chairman of the House Committee on Science, Space and Technology, is calling on the Government Accountability Office to revisit the issue.
Smith sent GAO a letter last week, requesting the agency conduct a full, thorough review of the security risks associated with healthcare.gov. His request comes after several experts testified in committee hearings that the comprehensive testing is the “only way to ensure the security of Americans’ personal information.”
In a hearing held shortly after healthcare.gov’s launch, security experts testified that an accurate, independent and impartial report on the security of the site is needed.
“The data obtained by healthcare.gov is one of the largest collections of personal information ever assembled,” Smith wrote in his letter. “It links information between seven different federal agencies and state agencies, as well as government contractors, making it a goldmine of Americans’ personally identifiable information.”
The letter requests GAO use outside security specialists and private sector individuals, as well as companies and groups that specialize in accessing such technical information security. Also, Smith calls for GAO to expand its review to better include the potential security vulnerabilities.
“As the primary, nonpartisan agency tasked with shedding light on government programs, GAO has a responsibility to conduct a full and thorough review of healthcare.gov,” Smith wrote. “This is one of the largest undertakings by the federal government in our nation’s history — and the stakes are high to ensure that the website is secure.”
In addition to the initial security vulnerabilities of the site, Smith said there is new concern from the possible effects of the Heartbleed bug on healthcare.gov because of the personal information the website obtains.