GAO Report: Still Has Security Flaws

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
SUBSCRIBE, the online portal to the federal health insurance exchange set up under the Affordable Care Act, is still vulnerable to security and privacy threats, according to a new report from the U.S. General Accounting Office (GAO). While the Centers for Medicare & Medicaid Services (CMS) has "taken steps" to fix flaws found during's rocky rollout last year, it has not "fully addressed security and privacy management weaknesses" that have placed data "at risk." This report comes less than a month after it was reported that malware had been uploaded onto a server. No data was stolen during that incident. "Until these weaknesses are addressed, increased and unnecessary risks remain of unauthorized access, disclosure, or modification of the information collected and maintained by," the report said. It also cited the lack of an alternate processing site to keep the system running if slows or goes down.