Republicans this week plan to put yet another criticism of the Affordable Care Act front-and-center on the House floor. It is another political weapon, but if treated seriously, this one could lead to useful reform.

Republicans have claimed that and the systems behind it may not be secure enough to keep Americans’ personally identifying data safe. They’ve selectively released evidence collected through their oversight efforts to make it seem as though the site has major vulnerabilities. In response, Democrats presented selective evidence of their own.

The Department of Health and Human Services, meanwhile, reported that “no person or group has maliciously accessed personally identifiable information from the site.” The agency also said the site is fully compliant with federal security standards.

That’s presumably true, but those standards could use some upgrading. no doubt has some vulnerabilities, as do many other sites. Data breaches of well-protected systems containing sensitive information indicate that would hardly be unique in this regard.

The House Republicans’ bill would require the government to notify victims of any illegal security breach in the ACA’s systems within two business days. If that makes sense for, though, why not require the same of other sensitive federal systems, too?

Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.