Rep. Patrick Meehan (R-Pa.), the chair of the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, held a hearing on Wednesday to examine the security and reliability of the health exchange data hub.
The federal data hub is a key aspect of the new Affordable Care Act that is scheduled to be fully implemented in October. The subcommittee has extensively examined the way personal information for millions of people, including social security numbers, can be accessed and how the federal government will manage the public’s personal and identifiable information.
Representatives from the Centers for Medicare and Medicaid Services testified to the subcommittee in July. Meehan said his take away from their testimony was they did not feel ready to embark on the responsibility for the data hub.
The Government Accountability Office recently released a report on the data hub.
“[The data hub] is a complex undertaking involving the coordinating actions of multiple federal, state and private stakeholders,” the report said.
The GAO concluded that it is undeterminable whether or not the hub could be smoothly implemented by October.
“I have grave concerns from a cyber security standpoint,” Meehan said.
Michael Astrue, the former social security commissioner, said at Wednesday’s hearing that an August Inspector General report revealed that the schedule for implementation has dramatically fallen behind and leaves no time for adequate beta testing and revisions.
“HHS’s claim that it will be ready to make security findings on its September 30 deadline is a fiction designed to preserve the larger fiction that the exchanges will be ready for uninsured Americans,” Astrue said.
Matt Salo, the executive director of the National Association of Medicaid Directors, also testified during Wednesday’s hearing. He told Meehan that it was more important to his team to ensure that the exchange of data was done securely than it was to do it quickly.