The incompetence of a federal employee has led to a security breach involving the Social Security numbers of 2,400 people. According to the Minneapolis Star-Tribune, an Obamacare exchange employee in Minnesota “accidently” sent out an email containing the essential identifying numbers.
According to the Star-Tribune, an MNsure bureaucrat accidently clicked the 'send' button on an email to an insurance broker in Apple Vally MN on September 12 that contained Social Security numbers, names, and other identifying information on more than 2,400 insurance agents.
“An official at MNsure, the state’s new online health insurance exchange, acknowledged it had mishandled private data. A MNsure security manager called the broker, Jim Koester, and walked him and his assistant through a process of deleting the file from their computer hard drives.”
The paper said that Koester was compliant, but understandably unnerved by the security breach. Said Koester, according to the Star-Tribune, “‘The more I thought about it, the more troubled I was,’ he said. ‘What if this had fallen into the wrong hands? It’s scary. If this is happening now, how can clients of MNsure be confident their data is safe?’”
Furthermore, the paper reported, “Users of the exchange will need to provide sensitive information, including Social Security numbers, that will be sent to a federal hub to verify such things as citizenship and household income….”
“All states and the federal government, which also is setting up exchanges for some states, are scurrying to get the complex system running in less than three weeks.”
Critics of Obamacare and the Obama administration have urged caution in setting up the federal government’s hub online until it has been thoroughly vetted and tested.
The insurance broker, Koester, was applying to become a so-called Obamacare “navigator” when he received the leaked Social Security numbers. According to the Star-Tribune, “Koester, the agent, had been working with MNsure staff because he was having trouble registering for classes to get trained as a certified ‘navigator’ to help people sign up for coverage.” Another 'navigator' of the complexity instituted under the Affordable Care Act is Planned Parenthood, a provider of abortion and contraception that already receives millions of dollars in federal contracts.
In addition to the Social Security numbers, Koester also received page after page of names, business addresses, and license numbers. Koester expressed concern, saying “‘They’ve got to realize they have a huge problem.’” Besides, said Koester according to the Star-Tribune, “‘[T]he gorilla in the room is that they sent me something that’s not even encrypted. It’s unsecured, on an Excel spreadsheet — which is using outdated technology to transfer that information in the first place.’”
Speaking philosophically, Democratic Gov. Mark Dayton defended MNsure, following the report. "There's going to be mistakes, there's going to be glitches and there's going to be human error, as there is in any enterprise - particularly just a large one like this that's just getting under way," he said. The federal government is scrambling to meet an October 1 deadline to get the so-called health exchanges up and running.
The haste, and the prospect of further security breaches, has some experts worried. A professor at the Carlson business school at the University of Minnesota, Stephen Parente, warned the U.S. Congress of the dangers posed by Obamacare: “the largest personal data integration government project in the history of the Republic, with up to 300 million American citizen records needing to be combined from five federal agencies.”
See Obamacare hub flowchart here.