One of many unintended consequences from the Affordable Care Act is that there appears to be security vulnerabilities in the Healthcare.gov website.¹

As a result, the value proposition of identity theft protection could be elevated in the eyes of human resources professionals who seek to offer employees greater peace of mind, stress level reduction, improved morale and prevention of productivity losses.

Will Marling, Ph.D., executive director of the National Organization for Victims Assistance, describes this troubling development as "a monster in the making." What's particularly disconcerting to him is that the long-standing struggle to meaningfully protect data is now being exacerbated by an additional layer of highly sensitive medical information that is now in play across cyberspace.

Healthcare.gov: An easy target

Marling believes that a website as highly visible as Healthcare.gov must have in place "as many layers of security as possible simply because [it may] become a greater target." But he lacks confidence in the government's ability to do a good job of protecting medical data.

His larger point is the inescapable human element of perpetration and "what that presents in terms of vulnerability" at multiple links in a data chain.

He says the federal government needs to test not just electronic data security, but also the internal measures that hold people accountable for appropriate policies and procedures.

Where does the responsibility of security lie?

Thomas Dougall, a South Carolina attorney, believes the initial blame falls on "contractors who created an unsecured system," but that ultimately it's the responsibility of the heads of the U.S. Centers for Medicare & Medicaid Services (CMS) and the U.S. Department of Health and Human Services, both of whom "knew they were putting our personal information at risk."

Growing demand for identity theft protection

Marling senses a greater interest in identity theft protection "as a benefit for companies to provide to their employees" because of growing awareness of the crime's impact and how people are vulnerable to security breaches.

A Bloomberg report, Obamacare: Trending which way?, listed "identity theft, misrouted data and unencrypted information" among the top concerns leading up to the online marketplace's launch on Oct. 12.

People who enroll in a health insurance plan through one of the new online marketplaces will be asked to provide personal information, such as their household income and Social Security numbers, the Bloomberg article² noted, while data from seven federal agencies is required to determine what products can be bought and whether they will be eligible for tax credits.

Bruce Shutan is a Los Angeles-based freelance writer.

¹ Belvedere, Matthew J. "Fixed Obamacare site still not secure, says hacker." December 5, 2013. http://www.cnbc.com/id/101248966 Accessed 12.12.13.
² Silva, Mark. Obamacare: Trending which way? go.bloomberg.com. November 13, 2013.http://go.bloomberg.com/political-capital/2013-11-13/obamacare-trending-which-way/ Accessed 12.12.13.