House Intel chairman warns ObamaCare system vulnerable to hackers

ADVERTISEMENT
Rogers warned that the hackers could be able to break into the hub to steal health records, credit histories, Social Security numbers and other sensitive data to enable identity theft.

"We better fix this before we continue to move forward on the system or we will all regret it," Rogers said.

He added that if he were "king for a day," he would have cybersecurity experts at the National Security Agency revamp the healthcare system to make it more secure.

Rogers is the author of the Cyber Intelligence Sharing and Protection Act (CISPA), which would help the government and private sector share more information about cyberattacks. 

Christopher Rasmussen, a policy analyst for the nonprofit Center for Democracy and Technology, explained that the hub routes sensitive information but does not store it for long periods of time.

But he warned that if sophisticated hackers are able to break into the system, they would have access to vast amounts of personal information as it is shared between agencies.

"Any sort of interconnected [information technology] infrastructure is vulnerable to hacking," Rasmussen said.

He noted that other federal systems collect sensitive information, but he said the data hub is unique because it is expected to handle information of millions of people as they sign up for the new healthcare options under the Affordable Care Act in the next several months.

According to the Centers for Medicare & Medicaid Services (CMS), which built the hub, there are "several layers of protection" in place to thwart hackers.

The agency said it is constantly monitoring the system and has sensors to rapidly identify attacks as they are happening. Attacks are reported to law enforcement and the Health and Human Services Department (HHS) cybercrime unit, the CMS said.

"The privacy and security of consumer data is a top priority for HHS and CMS," the agency wrote in a fact sheet. "The Hub and its associated systems have been built with state-of-the art business processes based on federal and industry standards. CMS has developed an extremely strong enterprise information security program to protect consumer information in a secure and efficient manner during open enrollment and beyond."