Health care privacy concerns loom with links to IRS, Peace Corps

The biggest overhaul of the U.S. health care system in 50 years has spawned one of the most complex computer projects in the government’s history.

Dubbed “the hub,” the $267 million computer system built by a unit of UnitedHealth Group Inc. is one of the most important determinants of whether the Affordable Care Act succeeds. The hub ties together the databases of seven U.S. agencies, ranging from the Internal Revenue Service to the Peace Corps, to determine which Americans can buy medical coverage and get U.S. subsidies through the new government-run insurance exchanges.

Marilyn Tavenner, the Medicare chief whose agency will oversee the hub, is set to report in a congressional hearing Monday that the system’s construction is complete and testing will be finished by Sept. 1, a month before the exchanges open. Security, a subject scrutinized by Republicans, will be assured through strict rules on standards that all parties who use the hub must sign, U.S. officials said.

“We have been engaged in a great deal of discussions to make sure these standards are incredibly strong,” said Chiquita Brooks-Lasure, the deputy director of the Center for Consumer Information and Insurance Oversight.

About 7 million people may seek coverage through the exchanges, the Congressional Budget Office has said. The hub’s job is to confirm personal characteristics that include identity, citizenship, income and family size – even whether they’re incarcerated – as a way to determine eligibility. The system also will weed out applicants who may be able to access other U.S. health programs, including current or former military members and Peace Corps volunteers.

The system’s broad reach has raised concerns among Republicans, who have said they fear consumer privacy could be threatened by computer hackers who target the system, by sloppy handling of equipment used to access the data or by government officials who may misuse the information that’s collected.

“It’s information on 300 million Americans, all compiled in one place – what could go wrong?” said Rep. James Lankford, the Oklahoma Republican presiding over the hearing. “They’re going to have to assure a lot of Americans that their information is going to be held safe and that there’s a purpose for that.”

Lawmakers and critics of the health care reform point to incidents involving insurers that will be sending data into the hub and the government. In the most recent example, WellPoint Inc. last week paid $1.7 million to settle potential violations of U.S. privacy laws when a company website left the health data of 612,402 customers unprotected over the Internet.

Some of the concerns may be misguided, Brooks-Lasure said. For instance, the hub can only access information about potential enrollees, and there’s no central storage area for data, she said. It is designed to serve as a sort of central nervous system for the exchanges, using software levers to route eligibility queries from the online marketplaces to the appropriate U.S. agencies and then back with the needed data.

The hub was developed by Quality Software Services Inc. of Bethesda, Md., which has received $49.5 million since 2011 to do the work, according to data compiled by Bloomberg Government. Last year QSSI was acquired by Minnetonka, Minn.-based UnitedHealth, the nation’s largest health insurer.

“From a pure technology perspective, it’s very impressive,” said Stephen Parente, a health economist and information technology expert at the University of Minnesota who was an adviser to Sen. John McCain, R-Ariz., in his 2008 presidential campaign.

Still, the hub will be, “for lack of a better term, a hacking target,” he said.

Tavenner, chief of the Centers for Medicaid and Medicare Services, will defend the system’s safety before Congress on Monday, according to prepared testimony obtained by Bloomberg.

In the exchanges run by the federal government, only “authorized CMS personnel” will be able to access personal data using “password security, encryptions, firewalls and secured operating systems,” Tavenner will say, according to the prepared comments. Her agency “has a robust security monitoring system that reviews all security events, tools, requirements and network device logs to identify, assess and manage vulnerabilities and threats.”

Additionally, exchanges run by states will have to pass a federal “privacy impact assessment” before they’re allowed to use the hub to access federal databases, according to Tavenner’s prepared comments.

While the Obama administration considers the hub complete, a key function it was designed to handle won’t work perfectly by Oct. 1. The system is supposed to verify whether people who buy insurance at exchanges are eligible for federal subsidies to help with monthly premiums. That depends on an applicant’s current income, something the hub won’t know from querying IRS tax records, which can be a year out of date or more. Applicants will be asked to attest to their current income.