HealthCare.gov Shares Patient Data with Marketers

HealthCare.gov, the US federal website for selecting and signing up for health insurance under the Affordable Care Act, is leaking consumers' personal data to marketing and advertising purveyors.

The Associated Press uncovered the issue, and says that connections to dozens of third-party tech firms have been confirmed. The firms are gathering a variety of information, including age, income, ZIP code, whether a person smokes and if a person is pregnant. It can also include IP addresses, which can be linked back to a person's brick-and-mortar name or address when cross-referenced with cookies and the like served up by online advertising firms.

"This new information is extremely concerning, not only because it violates the privacy of millions of Americans, but because it may potentially compromise their security," Sens. Orrin Hatch, R-Utah, and Charles Grassley, R-Iowa, wrote to the administration.

For its part, the Obama administration denies that the firms are mishandling the data, or that it’s selling the data to marketers. A spokesperson said that it’s being gathered only for customer service analysis, to improve the HealthCare.gov user experience.

Administration spokesman Aaron Albright told the AP specifically that they "are prohibited from using information from these tools on HealthCare.gov for their companies' purposes." The government uses them to measure the performance of HealthCare.gov so consumers get "a simpler, more streamlined and intuitive experience," he said.

If that is indeed the case, then Luther Martin, chief security architect for Voltage Security, suggested that it would be wise to de-identify all sensitive information by using technology like encryption. Otherwise it’s a goldmine of usable information for hackers.

“Once the sensitive information is encrypted, it's of no value to hackers: even if they somehow manage to get their hands on it, it's useless gibberish to them,” Martin said. “This can be the difference between a hacker getting information like ‘parent=&pregnant=1’ and getting information like ‘nebrneeanepevayspn.’ One leaks sensitive information, while the other does not.”