Americans who buy health insurance through the federal Obamacare exchange website could have their personal information stolen by hackers and never even know it.
Most of the state-run health exchange websites will be covered by state laws that require notification when government databases are breached by hackers. But there is no law requiring notification when databases run by the federal government are breached, and even though the Department of Health and Human Services was asked to include a notification provision in the rules being drawn up for the new federal exchange, it declined to do so.
Other protections for individuals’ privacy, like the Health Insurance Portability and Accountability Act, or HIPAA, do not apply to the government-run exchange, only to health providers and insurance companies operating within the exchange.
Privacy advocates and cyber-security experts have had concerns about the lack of a federal notification law for years and hope the scrutiny of the Obamacare exchange will finally bringchange.
Read More: http://watchdog.org/