Obamacare subscribers have 'no reasonable expectation of privacy,'

Two members of Congress got into a shouting match Thursday over whether the error-plagued Obamacare Americans give up their privacy rights when they apply for health insurance through the federal government.
Rep. Frank Pallone of New Jersey unleashed a round of verbal Kung-Fu during a House hearing after Reps. Joe Barton of Texas and Marsha Blackburn of Tennessee accused software contractors of violating the Health Insurance Portability and Accountability Act, known as HIPPA, by collecting Americans' personal information from Healthcare.gov.
And one company official testified to the House Energy and Commerce Committee that 2,000 employees have access to the information Americans give the Obamacare website when they apply for insurance.

John Lau, a program director at Serco – a company that helps the federal government determine if Obamacare applicants meet eligibility requirements – testified that '2,000 people' in his company have access to their applications, and that the information was retained for 30 days.
'You know,' countered Rep. Blackburn, 'under HIPPA regs, no one's supposed to have access to that database.'


Read more: www.dailymail.co.uk... alls-House-hearing-monkey-court.html#ixzz2ifUvaalA

So what do you think, believe? If over 2000 people have access to our personal information at just one company, then I believe we have a problem....

reply to post by Dav1d


One of the reason's I haven't viewed my eligible rates on healthcare.gov and instead rely on third party rate calculators is because I don't want to input all my sensitive information just to window shop. I've never heard of something so ludicrous. You should be able to compare rates side by side without worrying about your identity being stolen. The dumbest thing is this was a last minute change implemented by the WH and is probably a leading cause of most of the bugs currently plaguing the site.

During Thursday's congressional hearing with the contractors responsible for building the troubled ObamaCare federal exchanges, we learned that whether you end up enrolling in ObamaCare or not, no one who puts any information into the ObamaCare website can expect to have their privacy protected. Moreover, the fact that you are giving up your right to privacy is hidden in source code that reads, "You have no reasonable expectation of privacy regarding any communication of any data transmitted or stored on this information system."

During his questioning on this specific issue, Rep. Joe Barton (R-TX) only received chilling answers and deflections from the primary contractor responsible for the site. When he asked Cheryl Campbell of CGI about it, her icy response was that another contractor was responsible. After some pressuring, she finally admitted that she was aware of the hidden source code.

Just a few minutes earlier, however, Ms. Campbell testified under oath that the ObamaCare website is HIPAA compliant -- meaning everyone's medical and personal information is protected by law.

The next questioner was Rep. Frank Pallone (D-NJ) who immediately attacked Barton as running a "monkey court" and then dismissed the fact that people are unknowingly giving up their right to privacy. Pallone correctly pointed out that you are not required to give out any medical information on the ObamaCare site, but Pallone conveniently ignored the fact that HIPAA doesn't just protect medical information. It is also supposed to protect personal information.

Source: nation.foxnews.com...

So do hidden lines of code actually matter?

Another fun case of the feds saying "open your mouth, close your eyes and you'll get a big surprise!"

So true,
But then, how many people are employed in the NSA/NCTC?
Need I add, that NSA/NCTC will know your dingleberry count as well as the Angela Merkel's and David Cameron's and Madonna's and....

And if any of this is outsourced, how many of those employees "offshore" are part of that 2000? If any, that means your data might be traveling around the world, and subject to theft at any point along the way. I wonder, is this data encrypted when stored in the database using something stronger than Base64

reply to post by Krakatoa


Flat text file.

I'm going to guess something like healthcare.gov/sensitiveuserinformationstoredhere.txt

Seems about right.

We'll find out about that by next week, though. I'm sure there are hundreds of people currently working on the issue of how to get your information out of that "database", and at least one of them is probably just so the loopholes and backdoors can be found and fixed. They'll tell us what they find, I'm sure.

CrikeyMagnet
reply to post by Krakatoa

 

Flat text file.

I'm going to guess something like healthcare.gov/sensitiveuserinformationstoredhere.txt

Seems about right.

We'll find out about that by next week, though. I'm sure there are hundreds of people currently working on the issue of how to get your information out of that "database", and at least one of them is probably just so the loopholes and backdoors can be found and fixed. They'll tell us what they find, I'm sure.

You jest, but I'll bet that (unfortunately) you are closer to the truth than should be possible. If they cannot add a registration module/process without doing rudimentary Avalanche testing, then a flat text file or data stored in plain text is par for the course I'm afraid.