#Login Register


  • 6 Vote(s) - 3.33 Average
Home 


Lie of the Year: 'If you like your health care plan, you can keep it'
Anonymous Kritter Show this Post
12-20-2013, 01:52 AM #31
Anonymous Kritter Incognito Anonymous
 
(12-20-2013, 01:22 AM)Softy Wrote:  While “user experience” may have been improved, security expert David Kennedy insists there has been no improvement to data security, and the rapid pace of the fixes may have even made matters worse.

“It doesn’t appear that any security fixes were done at all,” Kennedy said. “They said they implemented over 400 bug fixes. When you recode the application to fix these 400 bugs—they were rushing this out of the door to get the site at least so it can work a little bit—you’re introducing more security flaws as you go along with it because you don’t even check that code.”

Kennedy, CEO of the security consultancy TrustedSec, testified before congress recently about the security lapses he found after conducting a fairly routine, low-intensity penetration test of the government run website, saying that the developers took little to no care in producing a secure portal.

“I’m a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy continued.

http://www.tripwire.com/state-of-securit...-security/

(:X

Government does not approach security the same way a commercial sites does.


The Centers for Medicare & Medicaid Services (CMS) has built a tool called the Data Services Hub (the Hub) that will help verify information used to determine eligibility for enrollment in qualified health plans and insurance affordability programs. The Hub will provide one connection to the common federal data sources needed to verify consumer application information for income, citizenship, immigration status, access to minimum essential coverage, etc.

It is a critical priority that all systems are secure and personal information is protected. The Hub was specifically designed to minimize security risk, by developing a system that does not retain or store Personally Identifiable Information.

These efforts provide a security framework to safeguard consumer data, allowing eligible Americans to confidently and securely enroll in quality affordable health coverage starting on October 1, 2013. The following describes some of the steps taken to ensure the security of the Hub.

Hub Design


CMS has designed the Hub, a routing tool that helps Marketplaces provide accurate and timely eligibility determinations. The Hub will verify data against information contained in already existing, secure and trusted Federal and state databases. CMS will have security and privacy agreements with all Federal agencies and states connecting to the Hub. These include the Social Security Administration, the Internal Revenue Service, the Department of Homeland Security, the Department of Veterans Affairs, Medicare, TRICARE, the Peace Corps and the Office of Personnel Management.

The Hub increases efficiency and security by eliminating the need for each Marketplace, Medicaid agency, and CHIP agency to set up separate data connections to each database. Risk increases when the number of connections to a data source increase – which is why CMS has designed the Hub to prevent such liabilities. The Hub provides one highly secured connection to trusted federal and state databases instead of requiring each agency to set up what could have amounted to hundreds of independently established connections.

Systems Security

The Hub and its associated systems have several layers of protection in place to mitigate information security risk. For example, Marketplace systems will employ a continuous monitoring model that will utilize sensors and active event monitoring to quickly identify and take action against irregular behavior and unauthorized system changes that could indicate a potential incident.

If a security incident occurs, an Incident Response capability would be activated, which allows for the tracking, investigation, and reporting of incidents. This allows CMS and the Department of Health and Human Services (HHS) to quickly identify security incidents and ensure that the relevant law enforcement authorities, such as the HHS Office of Inspector General Cyber Crimes Unit, are notified for purposes of possible criminal investigation.

The privacy and security of consumer data is a top priority for HHS and CMS. The Hub and its associated systems have been built with state-of-the art business processes based on federal and industry standards. CMS has developed an extremely strong enterprise information security program to protect consumer information in a secure and efficient manner during open enrollment and beyond.

Data Hub Testing

Every federal information technology system must comply with rigorous standards before the system is allowed to operate. The Hub completed its independent Security Controls Assessment on August 23, 2013 and received an authorization to operate on September 6, 2013. The completion of this testing confirms that the Hub complies with federal standards and that HHS and CMS have implemented the appropriate procedures and safeguards necessary for the Hub to operate securely on October 1.

As with all systems, the responsibility to safeguard information is an ongoing process, and HHS and CMS will remain vigilant throughout operations to anticipate and protect against evolving data security concerns. The marketplace monitoring program will continually be reviewed for effectiveness of the systems’ security controls, through methods that include independent penetration testing, automated vulnerability scans, system configuration monitoring, and active web application scanning.

Compliance


CMS developed the marketplace systems consistent with federal statutes, guidelines and industry standards that ensure the security, privacy, and integrity of systems and the data that flows through them. All of CMS’ marketplace systems of records are subject to the Privacy Act of 1974, the Computer Security Act of 1987, and the Federal Information Security Management Act of 2002. These systems must also comply with various rules and regulations promulgated by HHS, the Office of Management and Budget, the Department of Homeland Security, and the National Institute of Standards and Technology.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If I understand their hub properly it seems to me that at most a hacker could phish just information of a few individuals as their data moves through the system and their intrusion is detected countered and traced... meaning those hackers may get a knock on their door.

If you understood anything at all about government approach to security you would know that they intentionally leave many systems open to a degree to let the intruders in so they can be dealt with and caught ...they also know that no cyber security system is hack proof so to rely on such to protect large amounts of sensitive data is foolish and only causes additional problems.

Familiar with the Gary Mckinnon case? Wide open network accessed from a secret door right out in the open. Did he managed to even copy a single piece of information? Was he found out? They let him roam to see what he would do... they watch and when and if they see large amounts of information attempted to be downloaded(which isn't stored in the healthcare hub as the fact sheet makes clear) They block it and confront. They didn't make a stink until he went public with what he saw. The security is "eyes on". Which means when intrusion is detected you are being watched and your crimes are being recorded for prosecution. The systems are often set up as a kind of "labyrinth" so as to make movements easily detectable and trackable ...as the intruder attempts to collect data, data about the intruder is being collected.

http://kritterbox.com/Thread-HACKERS-NO-...#pid150351

...ya sure it might be relatively easy to get in for a hacker with moderate skill but you have access to very little (and they are not going to be allowed to sit their gathering data off the pipes)That IS the security!!! This isn't some commercial site. This is a government website and as I tried to make clear above they do things a bit differently... a commercial site does not have the assets to monitor intruders and send agents to their door. Their approach is to build thicker doors with stronger locks which can always be broken some way some how by some one.
http://kritterbox.com/Thread-HACKERS-NO-...#pid150352
Anonymous Kritter Show this Post
12-20-2013, 02:02 AM #32
Anonymous Kritter Incognito Anonymous
 
(12-20-2013, 01:13 AM)CuckooKill Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

It comes down to propaganda vs common sense. Some people believe all the propaganda and some people have common sense.

I doubt he is an actual shill seeing as how KB is not exactly a huge site plus most of the people here aren't even American 13.gif

Nobody else here is signing up for Obamacare so its a waste of time to try and convince anyone that Obamacare is really working or good at all

Really?

Once again you prove what an ignorant liar you are...

http://kritterbox.com/Thread-I-am-now-fi...-Obamacare
Mary and I are enrolled in Blue Cross. Crappy HMO with $5000 deductable , 80/20. We are both covered and our monthly payment after subsidy is $.03 a month.

"Nobody else" ...or are you going to try to then claim that you were including Wayne in your statement? Which seems to be your usual habit when ever your bullshit statements are called out for what they are.
12-20-2013, 02:28 AM #33
KILLUMINATI Made Ya Look!!
Posts:4,764 Threads:1,046 Joined:Jun 2012
(12-20-2013, 02:02 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:13 AM)CuckooKill Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

It comes down to propaganda vs common sense. Some people believe all the propaganda and some people have common sense.

I doubt he is an actual shill seeing as how KB is not exactly a huge site plus most of the people here aren't even American 13.gif

Nobody else here is signing up for Obamacare so its a waste of time to try and convince anyone that Obamacare is really working or good at all

Really?

Once again you prove what an ignorant liar you are...

http://kritterbox.com/Thread-I-am-now-fi...-Obamacare
Mary and I are enrolled in Blue Cross. Crappy HMO with $5000 deductable , 80/20. We are both covered and our monthly payment after subsidy is $.03 a month.

"Nobody else" ...or are you going to try to then claim that you were including Wayne in your statement? Which seems to be your usual habit when ever your bullshit statements are called out for what they are.

When using english to communicate when a person says nobody else that means no more people than now. Are you retarded or is it an act?

Once again nobody else here is going to sign up for Bamacare. Its a waste of your time to try and prove that der führer's plan is working. Do you understand ??
12-20-2013, 02:36 AM #34
KILLUMINATI Made Ya Look!!
Posts:4,764 Threads:1,046 Joined:Jun 2012
Anonymous Kritter Show this Post
12-20-2013, 02:42 AM #35
Anonymous Kritter Incognito Anonymous
 
(12-20-2013, 02:28 AM)CuckooKill Wrote:  
(12-20-2013, 02:02 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:13 AM)CuckooKill Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

It comes down to propaganda vs common sense. Some people believe all the propaganda and some people have common sense.

I doubt he is an actual shill seeing as how KB is not exactly a huge site plus most of the people here aren't even American 13.gif

Nobody else here is signing up for Obamacare so its a waste of time to try and convince anyone that Obamacare is really working or good at all

Really?

Once again you prove what an ignorant liar you are...

http://kritterbox.com/Thread-I-am-now-fi...-Obamacare
Mary and I are enrolled in Blue Cross. Crappy HMO with $5000 deductable , 80/20. We are both covered and our monthly payment after subsidy is $.03 a month.

"Nobody else" ...or are you going to try to then claim that you were including Wayne in your statement? Which seems to be your usual habit when ever your bullshit statements are called out for what they are.

When using english to communicate when a person says nobody else that means no more people than now. Are you retarded or is it an act?

Once again nobldy else here is going to sign up for Bamacare. Its a waste of your time to try and prove that der fuhrer's plan is working. Do you understand ??

...you are intentionally trying to be deceptive. Knowing that most reading will assume you are referring to me ...and also that is quite a bold statement that will be proven a lie in just a few months... if not when someone else signs up (could even be someone here who feels they have no choice but still hates obama(care) so much they won't share) ...then when I have to a few months from now. What will you say then? That you were only referring to registered accounts?

You have already been proven a liar in advance as eventually I WILL NEED TO SIGN UP!

Quite the retard to make a claim as to what other people will or will not do as if it was a fact.
12-20-2013, 03:02 AM #36
KILLUMINATI Made Ya Look!!
Posts:4,764 Threads:1,046 Joined:Jun 2012
(12-20-2013, 02:42 AM)Anonymous Kritter Wrote:  
(12-20-2013, 02:28 AM)CuckooKill Wrote:  
(12-20-2013, 02:02 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:13 AM)CuckooKill Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

It comes down to propaganda vs common sense. Some people believe all the propaganda and some people have common sense.

I doubt he is an actual shill seeing as how KB is not exactly a huge site plus most of the people here aren't even American 13.gif

Nobody else here is signing up for Obamacare so its a waste of time to try and convince anyone that Obamacare is really working or good at all

Really?

Once again you prove what an ignorant liar you are...

http://kritterbox.com/Thread-I-am-now-fi...-Obamacare
Mary and I are enrolled in Blue Cross. Crappy HMO with $5000 deductable , 80/20. We are both covered and our monthly payment after subsidy is $.03 a month.

"Nobody else" ...or are you going to try to then claim that you were including Wayne in your statement? Which seems to be your usual habit when ever your bullshit statements are called out for what they are.

When using english to communicate when a person says nobody else that means no more people than now. Are you retarded or is it an act?

Once again nobldy else here is going to sign up for Bamacare. Its a waste of your time to try and prove that der fuhrer's plan is working. Do you understand ??

...you are intentionally trying to be deceptive. Knowing that most reading will assume you are referring to me ...and also that is quite a bold statement that will be proven a lie in just a few months... if not when someone else signs up (could even be someone here who feels they have no choice but still hates obama(care) so much they won't share) ...then when I have to a few months from now. What will you say then? That you were only referring to registered accounts?

You have already been proven a liar in advance as eventually I WILL NEED TO SIGN UP!

Quite the retard to make a claim as to what other people will or will not do as if it was a fact.

That would make me wrong not a liar. What did you call it a "misinterpretation" chuckle.gif

If Obamacare turns out to be great and saves everyone money as promised I will be the first to admit I was wrong but as of right now there is nothing that says its working at all.


This is not the time of the year to bicker about this so how about a truce until after Christmas. I wont start any new threads that have anything to do with Obamacare.

Deal? cheers.gif
12-20-2013, 03:28 AM #37
Softy Incognito Anonymous
 
(12-20-2013, 01:27 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

Rates quoted OUTSIDE OF THE EXCHANGE MARKETPLACE!!!

...we went through this before on this forum within many many threads. NOT ONE single legitimate(not made up bullshit story) case of people's insurance companies jacking up their rates was a quote THROUGH THE EXCHANGE. They simply sent out letters of rate increase based on the added ACA required comprehensive coverage using old pricing models ...hoping to scam people into paying more without GOING THROUGH THE EXCHANGE.

How many times do I have to explain this to you bubble heads?

No man,,,they increased the rates on existing private policies that

had existed for many years,,,and stated in the letters of the private existing

policies that had existed for many years that the increase in price was due to

ACA,,,no benefits were increased,,,none,,,just raised the price because of ACA...

but hey,,,this whole thing is going to implode,,,and when all them folks get hacked,,,

like some already are,,,but is not in mainstream media,,,it is going to get real

interesting,,,when they exposed all those people...

(:X
Anonymous Kritter Show this Post
12-20-2013, 03:40 AM #38
Anonymous Kritter Incognito Anonymous
 
(12-20-2013, 03:02 AM)CuckooKill Wrote:  
(12-20-2013, 02:42 AM)Anonymous Kritter Wrote:  
(12-20-2013, 02:28 AM)CuckooKill Wrote:  
(12-20-2013, 02:02 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:13 AM)CuckooKill Wrote:  It comes down to propaganda vs common sense. Some people believe all the propaganda and some people have common sense.

I doubt he is an actual shill seeing as how KB is not exactly a huge site plus most of the people here aren't even American 13.gif

Nobody else here is signing up for Obamacare so its a waste of time to try and convince anyone that Obamacare is really working or good at all

Really?

Once again you prove what an ignorant liar you are...

http://kritterbox.com/Thread-I-am-now-fi...-Obamacare
Mary and I are enrolled in Blue Cross. Crappy HMO with $5000 deductable , 80/20. We are both covered and our monthly payment after subsidy is $.03 a month.

"Nobody else" ...or are you going to try to then claim that you were including Wayne in your statement? Which seems to be your usual habit when ever your bullshit statements are called out for what they are.

When using english to communicate when a person says nobody else that means no more people than now. Are you retarded or is it an act?

Once again nobldy else here is going to sign up for Bamacare. Its a waste of your time to try and prove that der fuhrer's plan is working. Do you understand ??

...you are intentionally trying to be deceptive. Knowing that most reading will assume you are referring to me ...and also that is quite a bold statement that will be proven a lie in just a few months... if not when someone else signs up (could even be someone here who feels they have no choice but still hates obama(care) so much they won't share) ...then when I have to a few months from now. What will you say then? That you were only referring to registered accounts?

You have already been proven a liar in advance as eventually I WILL NEED TO SIGN UP!

Quite the retard to make a claim as to what other people will or will not do as if it was a fact.

That would make me wrong not a liar. What did you call it a "misinterpretation" chuckle.gif

If Obamacare turns out to be great and saves everyone money as promised I will be the first to admit I was wrong but as of right now there is nothing that says its working at all.


This is not the time of the year to bicker about this so how about a truce until after Christmas. I wont start any new threads that have anything to do with Obamacare.

Deal? cheers.gif

Glad to see you realize this... now by your own words you also just declared Obama as wrong and not a liar.


...if you can truly keep from posting new threads about this I would gladly agree to ignore the new threads you do not post ...but you are not the only one here and I make no promises to refrain from responding or posting informative threads disproving the bullshit I see. I typically try to ignore most of your crap anyways since it usually contains nothing but hollow tripe. coffeetime.gif
12-20-2013, 03:40 AM #39
Softy Incognito Anonymous
 
(12-20-2013, 01:22 AM)Softy Wrote:  While “user experience” may have been improved, security expert David Kennedy insists there has been no improvement to data security, and the rapid pace of the fixes may have even made matters worse.

“It doesn’t appear that any security fixes were done at all,” Kennedy said. “They said they implemented over 400 bug fixes. When you recode the application to fix these 400 bugs—they were rushing this out of the door to get the site at least so it can work a little bit—you’re introducing more security flaws as you go along with it because you don’t even check that code.”

Kennedy, CEO of the security consultancy TrustedSec, testified before congress recently about the security lapses he found after conducting a fairly routine, low-intensity penetration test of the government run website, saying that the developers took little to no care in producing a secure portal.

“I’m a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy continued.

http://www.tripwire.com/state-of-securit...-security/

(:X

I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy continued.

so,,,you know more than these individuals that testified before Congress???,,,

it is all a real bad plan,,,going to be expensive too,,,now patches for canceled

policies for Jan.,,,retroactive payments,,,everything is being made up as we go

along...

(:X
Anonymous Kritter Show this Post
12-20-2013, 04:02 AM #40
Anonymous Kritter Incognito Anonymous
 
(12-20-2013, 03:28 AM)Softy Wrote:  
(12-20-2013, 01:27 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:02 AM)Softy Wrote:  Maybe he is trying out for one of those spin doctor jobs,,,

if you like you spin doctor,,,you can keep your spin doctor!!!,,,

I have read several of the cancel letters,,,the letters say ACA,,,

others rates went up due to ACA,,,says right there in the

Florida Blue letter...

and David Kennedy said no software protection...

(:X

Rates quoted OUTSIDE OF THE EXCHANGE MARKETPLACE!!!

...we went through this before on this forum within many many threads. NOT ONE single legitimate(not made up bullshit story) case of people's insurance companies jacking up their rates was a quote THROUGH THE EXCHANGE. They simply sent out letters of rate increase based on the added ACA required comprehensive coverage using old pricing models ...hoping to scam people into paying more without GOING THROUGH THE EXCHANGE.

How many times do I have to explain this to you bubble heads?

No man,,,they increased the rates on existing private policies that

had existed for many years,,,and stated in the letters of the private existing

policies that had existed for many years that the increase in price was due to

ACA,,,no benefits were increased,,,none,,,just raised the price because of ACA...

but hey,,,this whole thing is going to implode,,,and when all them folks get hacked,,,

like some already are,,,but is not in mainstream media,,,it is going to get real

interesting,,,when they exposed all those people...

(:X

Regardless... the rate increase is outside of the exchange and does not reflect Obamacare prices through the marketplace... so to go ahead and act like ACA is increasing your plan costs when you are not using the ACA marketplace ...not exactly fair ...but that is to be expected coming from an Obama(care) hater.

Here let me repeat in more detail for clarity.

...it is only true if you keep your plan and your provider decides to jack your rates ...a plan that you can likely find identical version of (perhaps even from the same provider) through the exchange... if not for less, then for just a little more ...and don't forget to count the subsidy for those under 250% of the poverty line. Many stories where people claim rate increases through the exchange don't bother to factor that in ...yet to see a single valid story where someone's rate went up more then $50 on the exchange ...and those plans have proven to be almost always more comprehensive then what they had before and the higher cost typically coming from exchanges in areas where there is no competition... something the democrats tried to fix by allowing the gov to temporarily offer plans on the exchange in these areas till more competition enters these regions but the repubs blocked it as they want to see it fail and will do absolutely anything and everything they can to make that happen.
12-20-2013, 04:02 AM #41
Softy Incognito Anonymous
 
The Obamacare website has more than annoying bugs. A cybersecurity expert found a way to hack into users' accounts.

Until the Department of Health fixed the security hole last week, anyone could easily reset your Healthcare.gov password without your knowledge and potentially hijack your account.

http://money.cnn.com/2013/10/29/technolo...-security/

Obamacare 'hub' back online after malfunction

http://money.cnn.com/2013/10/27/news/oba...tml?iid=EL

To fix Obamacare website, blow it up, start over

http://money.cnn.com/2013/10/23/technolo...tml?iid=EL

yeah,,,I know,,,these are october,,,still,,,don't tell me everything is ok,,,

not what experts are saying...

(:X
Anonymous Kritter Show this Post
12-20-2013, 04:07 AM #42
Anonymous Kritter Incognito Anonymous
 
but hey,,,this whole thing is going to implode,,,and when all them folks get hacked,,,

Oh... and just like most bubble heads here you completely ignored posts containing factual information contrary to what you believe is truth.

Ignore it again... enjoy your bubble. It will the eventual death of the republican party as truth always wins in the end... even though the lies will have their day. Truth is for eternity.

(12-20-2013, 01:52 AM)Anonymous Kritter Wrote:  
(12-20-2013, 01:22 AM)Softy Wrote:  While “user experience” may have been improved, security expert David Kennedy insists there has been no improvement to data security, and the rapid pace of the fixes may have even made matters worse.

“It doesn’t appear that any security fixes were done at all,” Kennedy said. “They said they implemented over 400 bug fixes. When you recode the application to fix these 400 bugs—they were rushing this out of the door to get the site at least so it can work a little bit—you’re introducing more security flaws as you go along with it because you don’t even check that code.”

Kennedy, CEO of the security consultancy TrustedSec, testified before congress recently about the security lapses he found after conducting a fairly routine, low-intensity penetration test of the government run website, saying that the developers took little to no care in producing a secure portal.

“I’m a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy continued.

http://www.tripwire.com/state-of-securit...-security/

(:X

Government does not approach security the same way a commercial sites does.


The Centers for Medicare & Medicaid Services (CMS) has built a tool called the Data Services Hub (the Hub) that will help verify information used to determine eligibility for enrollment in qualified health plans and insurance affordability programs. The Hub will provide one connection to the common federal data sources needed to verify consumer application information for income, citizenship, immigration status, access to minimum essential coverage, etc.

It is a critical priority that all systems are secure and personal information is protected. The Hub was specifically designed to minimize security risk, by developing a system that does not retain or store Personally Identifiable Information.

These efforts provide a security framework to safeguard consumer data, allowing eligible Americans to confidently and securely enroll in quality affordable health coverage starting on October 1, 2013. The following describes some of the steps taken to ensure the security of the Hub.

Hub Design


CMS has designed the Hub, a routing tool that helps Marketplaces provide accurate and timely eligibility determinations. The Hub will verify data against information contained in already existing, secure and trusted Federal and state databases. CMS will have security and privacy agreements with all Federal agencies and states connecting to the Hub. These include the Social Security Administration, the Internal Revenue Service, the Department of Homeland Security, the Department of Veterans Affairs, Medicare, TRICARE, the Peace Corps and the Office of Personnel Management.

The Hub increases efficiency and security by eliminating the need for each Marketplace, Medicaid agency, and CHIP agency to set up separate data connections to each database. Risk increases when the number of connections to a data source increase – which is why CMS has designed the Hub to prevent such liabilities. The Hub provides one highly secured connection to trusted federal and state databases instead of requiring each agency to set up what could have amounted to hundreds of independently established connections.

Systems Security

The Hub and its associated systems have several layers of protection in place to mitigate information security risk. For example, Marketplace systems will employ a continuous monitoring model that will utilize sensors and active event monitoring to quickly identify and take action against irregular behavior and unauthorized system changes that could indicate a potential incident.

If a security incident occurs, an Incident Response capability would be activated, which allows for the tracking, investigation, and reporting of incidents. This allows CMS and the Department of Health and Human Services (HHS) to quickly identify security incidents and ensure that the relevant law enforcement authorities, such as the HHS Office of Inspector General Cyber Crimes Unit, are notified for purposes of possible criminal investigation.

The privacy and security of consumer data is a top priority for HHS and CMS. The Hub and its associated systems have been built with state-of-the art business processes based on federal and industry standards. CMS has developed an extremely strong enterprise information security program to protect consumer information in a secure and efficient manner during open enrollment and beyond.

Data Hub Testing

Every federal information technology system must comply with rigorous standards before the system is allowed to operate. The Hub completed its independent Security Controls Assessment on August 23, 2013 and received an authorization to operate on September 6, 2013. The completion of this testing confirms that the Hub complies with federal standards and that HHS and CMS have implemented the appropriate procedures and safeguards necessary for the Hub to operate securely on October 1.

As with all systems, the responsibility to safeguard information is an ongoing process, and HHS and CMS will remain vigilant throughout operations to anticipate and protect against evolving data security concerns. The marketplace monitoring program will continually be reviewed for effectiveness of the systems’ security controls, through methods that include independent penetration testing, automated vulnerability scans, system configuration monitoring, and active web application scanning.

Compliance


CMS developed the marketplace systems consistent with federal statutes, guidelines and industry standards that ensure the security, privacy, and integrity of systems and the data that flows through them. All of CMS’ marketplace systems of records are subject to the Privacy Act of 1974, the Computer Security Act of 1987, and the Federal Information Security Management Act of 2002. These systems must also comply with various rules and regulations promulgated by HHS, the Office of Management and Budget, the Department of Homeland Security, and the National Institute of Standards and Technology.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If I understand their hub properly it seems to me that at most a hacker could phish just information of a few individuals as their data moves through the system and their intrusion is detected countered and traced... meaning those hackers may get a knock on their door.

If you understood anything at all about government approach to security you would know that they intentionally leave many systems open to a degree to let the intruders in so they can be dealt with and caught ...they also know that no cyber security system is hack proof so to rely on such to protect large amounts of sensitive data is foolish and only causes additional problems.

Familiar with the Gary Mckinnon case? Wide open network accessed from a secret door right out in the open. Did he managed to even copy a single piece of information? Was he found out? They let him roam to see what he would do... they watch and when and if they see large amounts of information attempted to be downloaded(which isn't stored in the healthcare hub as the fact sheet makes clear) They block it and confront. They didn't make a stink until he went public with what he saw. The security is "eyes on". Which means when intrusion is detected you are being watched and your crimes are being recorded for prosecution. The systems are often set up as a kind of "labyrinth" so as to make movements easily detectable and trackable ...as the intruder attempts to collect data, data about the intruder is being collected.

http://kritterbox.com/Thread-HACKERS-NO-...#pid150351

...ya sure it might be relatively easy to get in for a hacker with moderate skill but you have access to very little (and they are not going to be allowed to sit their gathering data off the pipes)That IS the security!!! This isn't some commercial site. This is a government website and as I tried to make clear above they do things a bit differently... a commercial site does not have the assets to monitor intruders and send agents to their door. Their approach is to build thicker doors with stronger locks which can always be broken some way some how by some one.
http://kritterbox.com/Thread-HACKERS-NO-...#pid150352
12-20-2013, 04:08 AM #43
Softy Incognito Anonymous
 
Will you please quit with your subsidy stuff,,,

I get it,,,if the .gov/taxpayers/fedprinting pays for it all,,,

it doesn't cost anything,,,right,,,everybody gets that,,,

it all comes from the free money tree,,,

right,,,we are so much better off,,,

so,,,is anybody doing anything about the rising costs of healthcare???,,,

while playing these games...

(:X
12-20-2013, 04:11 AM #44
Softy Incognito Anonymous
 
Yeah,,,I read that,,,the data is protected with state of the art

neural networked fiber optic matrix fractal expanded software...

(:X
12-20-2013, 04:14 AM #45
Softy Incognito Anonymous
 
the "Hub" malfunctioned,,,

did you read that???...

(:X



Home 




 



DISCLAIMER / Terms of Service (TOS):
Kritterbox.com - Socialize anonymously, commentary, discussion, oddities, technology, music and more!  This website is provided "as is" without warranty of any kind, either expressed or implied. kritterbox.com shall not be liable for any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, whether or not advised of the possibility of damage, and on any theory of liability, arising out of or in connection with the use or performance of this site or other documents which are referenced by or linked to this site.
This website exists solely for the purposes of exchange of information, communication and general entertainment. Opinions from posters are in no way endorsed by kritterbox.com. All posts on this website are the opinion of the authors and are not to be taken as statements of fact on behalf of kritterbox.com. This site may contain coarse language or other material that kritterbox.com is in no way responsible for. Material deemed to be offensive or pornographic at the discretion of kritterbox.com shall be removed. kritterbox.com reserves the right to modify, or remove posts and user accounts on this website at our discretion. kritterbox.com disclaims all liability for damages incurred directly or indirectly as a result of any material on this website. Fictitious posts and any similarity to any person living or dead is coincidental.
All users shall limit the insertion of any and all copyrighted material to portions of the article that are relevant to the point being made, with no more than 50%, and preferably less of the original source material. A link shall be visible in text format, embedded directly to the original source material without exception.
No third party links, i.e. blogs or forums will be accepted under any circumstances, and will be edited by staff in order to reflect the original source of copyrighted material, or be removed at the sole discretion of kritterbox.com.
Fair Use Notice:
This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. Users may make such material available in an effort to advance awareness and understanding of issues relating to economics, individual rights, international affairs, liberty, science, and technology. This constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C.Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for educational and/or research purposes.
This Disclaimer is subject to change at any time at our discretion.
Copyright © 2011 - 2017 kritterbox.com