The Direct Enrollment pathway was first launched in 2013. It allows insurance agents and brokers to help consumers sign up for Obamacare coverage on the national healthcare exchanges, which are officially known as Federally Facilitated Exchanges, or FFE.
CMS characterized the breach as affecting “a small fraction of consumer records present on the FFE,” and said that the agent and broker accounts that were associated with the anomalous activity were deactivated. It also has disabled the Direct Enrollment pathway while it cleans up the compromise and implements additional security measures, but CMS said it expects service to be restored by the end of the week.
Other Affordable Care Act enrollment channels, including HealthCare.gov and the Marketplace Call Center, weren’t affected by the incident and remain operational.
“Our No. 1 priority is the safety and security of the Americans we serve,” said CMS administrator Seema Verma, in a media statement. “We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information.”
She added, “I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”
Anthem, Apple and the Pentagon: A Data-Breach Cornucopia
A record fine and two new compromises kick off the autumn compromise season.
Privacy Regulation Could Be a Test for States’ Rights
As more states take cybersecurity and privacy issues into their own hands, experts worry that big tech will push for preemption.
Facebook Offers Details on ‘View As’ Breach, Revises Numbers
Facebook’s VP of product management was able to discuss more specifics about how the breach itself occurred.