Data problems, hackers continue to plague Obamacare exchanges
posted at 7:21 pm on July 3, 2014 by Mary Katharine Ham
Two reports from the government watchdog for Health and Human Services this week revealed serious data discrepancies among the sign-ups the Obama administration hailed as Obamacare’s triumphant comeback. Those data problems may mean some people got subsidies they shouldn’t have and would have to pay back hefty amounts to the federal government. Phil Klein reports:
Applications for insurance coverage through President Obama’s health care law submitted in the final three months of 2013 contained millions of inconsistencies in which information such as income and immigration status could not be independently verified by the federal government, according to a June report from the inspector general of the Department of Health and Human Services.
The inconsistencies may have resulted in individuals receiving an improper amount of subsidies, or subsidies that they shouldn’t have been eligible for in the first place — something that could require them to repay the money in future tax bills.
In other cases, inconsistencies led to bizarre outcomes. According to the report, “one marketplace cited situations in which infants and young children included on applications were erroneously identified as incarcerated.”
At issue is the information that individuals are asked to submit when they apply for coverage, such as income, citizenship status, Social Security number, or incarceration status. In theory, once data are submitted, they are supposed to be checked in a massive storage database known as the “hub,” which gathers data from multiple federal agencies.
Between October and December 2013, there were 2.9 million such inconsistencies in applications, according to the report, 2.6 million of which remain unresolved. As Klein makes clear, this doesn’t mean there are 2.9 million separate applications with mistakes because there are many potential data problems on each person’s application. The most common inconsistency had to do with citizenship and immigration status, with income shortly behind. In some cases, the federal government and states with exchanges were not using the verification processes required by their internal rules (well, knock me over with a feather). The AP reports:
Digging out from under the data problem is one of the top challenges facing newly installed HHS Secretary Sylvia Mathews Burwell.
The administration says it is doing just that. Spokesman Aaron Albright said more than 425,000 inconsistencies have been resolved so far, more than 90 percent of those in favor of the consumer. The administration is hoping to clear up the majority of cases this summer, but may yet have to resort to an extension allowed under the health law.
The inspector general found that the federal insurance exchange reported a total of 2.9 million inconsistencies with consumer data from Oct. 1, 2013 through Feb. 23 of this year.
At the time, the administration had limited technical capability that would have let officials resolve roughly 330,000 of those cases. Only about 10,000 were actually cleared up within the period. Albright said the situation is much improved.
The inspector general said several states running their own insurance markets were having similar problems.
Democrats celebrated that “8 million new enrollments” figure in a failed attempt to improve public perceptions of the law. That number has always been highly exaggerated — not accounting for duplicates, a substantial non-payment rate, a high percentage of enrollees who were previously insured, and applicants whose coverage may be disrupted by these ongoing data issues. The watchdog report stated that approximately 1.2 million additional “inconsistencies” marred applications processed through state exchanges. More: “During our review, 4 of the 15 State marketplaces reported that they were unable to resolve inconsistencies” at all, including some of the usual suspects such as Oregon. How many data snags have affected the millions of applications filed over the first three-plus months of 2014? The final number will almost certainly be significantly higher.
A Romanian attacker hacked the Vermont health exchange’s development server last December, gaining access at least 15 times and going undetected for a month, according to records obtained by National Review Online.
CGI Group, the tech firm hired to build Vermont Health Connect, described the risk as “high” in a report about the attack. It also found possible evidence of sophisticated “counter-forensics activity performed by the attacker to cover his/her tracks.”