Julie Appleby | (TNS) KFF Health News

Until last week, the system that is used to enroll people in federal Affordable Care Act insurance plans inadvertently allowed access by insurance brokers to consumers’ full Social Security numbers, information brokers don’t need.

That raised concerns about the potential for misuse.

The access to policyholders’ personal information was one of the problems cited in a KFF Health News article describing growing complaints about rogue agents enrolling people in ACA coverage, also known as Obamacare, or switching consumers’ plans without their permission in order to garner the commissions. The consumers are often unaware of the changes until they go to use their plan and find their doctors are not in the new plan’s network or their drugs are not covered.

Agent Joshua Brooker told KFF Health News it was relatively easy for agents to access full Social Security numbers through the federal insurance marketplace’s enrollment platforms, warning that “bad eggs now have access to all this private information about an individual.”

On April 1, the morning the article was posted on NPR’s website, Brooker said, he got a call from the Centers for Medicare & Medicaid Services questioning the accuracy of his comments.

A CMS representative told him he was wrong and that the numbers were hidden, Brooker said April 7. “I illustrated that they were not,” he said.

After he showed how the information could be accessed, “the immediate response was a scramble to patch what was acknowledged as ‘problematic,’” Brooker posted to social media late last week.

Brooker has followed the issue closely as chair of a marketplace committee for the National Association of Benefits and Insurance Professionals, a trade group.

After some phone calls with CMS and other technical experts, Brooker said, the federal site and direct enrollment partner platforms now mask the first six digits of the SSNs.

READ ALSO  Opponents of Alameda County District Attorney Pamela Price say they collected enough valid signatures to force recall election

“It was fixed Wednesday evening,” Brooker told KFF Health News. “This is great news for consumers.”

An April 8 written statement from CMS said the agency places the highest priority on protecting consumer privacy.

“Upon learning of this system vulnerability, CMS took immediate action to reach out to the direct enrollment platform where vulnerability was identified to make sure it was addressed,” wrote Jeff Wu, acting director of the Center for Consumer Information & Insurance Oversight at CMS.

He added that the Social Security numbers were not accessible through routine use of the platform but were in a portion of the site called developer tools. “This issue does not impact healthcare.gov,” Wu wrote.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *