The bureaucracy tasked with Obamacare implementation may be violating
a law that requires government agencies to keep private information
safe.Under the the Federal Information Security Management Act (FISMA), the Department of Health and Human Services’ Center for Medicare and Medicaid Services (CMS) is required to have an “Authority to Operate,” or ATO. In order to receive an ATO, new information tech systems must perform a set of tests, including “Security Control Assessments” (SCA).
But according to CMS’s 2014 budget request, no such security assessment took place. The Federal Healthcare Marketplace website was rolled out without full end-to-end testing.
Indeed, the large number of new systems created because of Obamacare created a backlog of testing. CMS could not complete its required security. Failing to complete the required means no ATO, and hence a violation of federal law under FISMA.
FISMA was enacted in 2002. Under FISMA, federal agencies are required: “to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.”
Centers for Medicaid and Medicare Services is responsible for the oversight and implementation of the Federal Healthcare Marketplace website and associated systems.
Documents obtained by The Daily Caller reveal the federal violations.
(Click link below to read more)
READ MORE Sphere: Related Content
Posts
No comments:
Post a Comment