RESOURCES

Healthcare.gov: Actions Needed to Address Weaknesses in Information Security and Privacy Controls

This report finds that while Healthcare.gov's Centers for Medicare and Medicaid Services (CMS) implemented some appropriate measures for cybersecurity, there are still weakness in "the processes used for managing information security and privacy as well as the technical implementation of IT security controls" (p. "highlights"). It describes the planned information sharing with Healthcare.gov and how secure those efforts at information sharing were. In doing this, it describes the many other entities that were involved in this information sharing.

View Source