The Centers for Medicare and Medicaid Services is reporting unauthorized access to consumer data in systems that support federal insurance exchanges.
The agency says the breach affects personal information of thousands of individuals who get their health insurance from Federally Facilitated Exchanges under the Affordable Care Act.
The exchanges enable agents and brokers to assist consumers with applications for insurance coverage. Late last week, CMS announced that earlier in the week the agency detected unusual activity in the exchanges, known by the acronym FFEs.
“At this time, we believe that approximately 75,000 individuals’ files were accessed,” CMS said. “While this is a small fraction of consumer records present on the FFEs, any breach of our system is unacceptable.”
Many states did not create their own insurance exchanges, and CMS operates the FFEs to ensure individuals who want insurance can get it.
Also See:
CMS will work to help individuals who may be affected by the breach and ensure the protection of consumer information, said CMS Administrator Seema Verma.
“I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted,” Verma adds. “We are working to identify the individuals impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”
CMS started investigating unusual system activity on October 13 and confirmed the breach on October 16. Agent and broker accounts associated with the activity were deactivated, and the direct enrollment system for agents and brokers has been temporarily disabled.
“It is important to note that CMS is in the beginning stages of the assessment of this breach,” an agency spokesperson says. “This is an evolving situation, and we will continue to provide additional information.
