Skip to main content

No Personal Health Info Was Exposed in ACA Exchange Breach, CMS Says

Analysis  |  By Steven Porter  
   October 26, 2018

No banking, federal tax, or protected health information was exposed in the breach announced last week, officials said.

A week after announcing that the files of about 75,000 people were exposed in a data breach on the federally facilitated Affordable Care Act exchanges, a spokesperson for the Centers for Medicare & Medicaid Services said Friday that the affected pathway is back online.

Suspicious activity on the direct enrollment pathway for agents and brokers had prompted an investigation that led to a breach being declared last week. That pathway was restored with new security measures installed with assistance from the Health and Human Services Office of Inspector General and HHS Chief Information Officer, the CMS spokesperson said.

Although authorities are continuing to investigate, they can now confirm that no banking, federal tax, or protected health information was exposed, the spokesperson said. Those who were affected will be notified after the assessment of the breached information is complete, and they will be offered free credit protection.

Related: Data Breach Exposes 75,000 Files on Federal ACA Exchange

The downtime concluded within a week of open enrollment, which begins on Thursday. It was limited to the pathway for agents and brokers, and it did not affect other enrollment channels, including the marketplace call center and consumer-facing HealthCare.gov, officials said.

Steven Porter is an associate content manager and Strategy editor for HealthLeaders, a Simplify Compliance brand.

Tagged Under:


Get the latest on healthcare leadership in your inbox.