CMS has proposed state-run insurance exchanges established under the Patient Protection and Affordable Care Act be compelled to report any data security incidents to federal authorities within one hour.
The new exchanges will receive data from CMS to help determine individual eligibility for subsidies and other benefits. Under the new proposal, any potential or confirmed instance of this data being compromised would have to be reported to a designated Center for Consumer Information and Insurance Oversight state officer in less than 60 minutes, who would then report it to the correct federal agency.
Without this new rule, "a significant number of incidents will not be detected; therefore causing harm and potential risk to the public's identity with identity fraud," according to the proposal.
More Articles on Insurance Exchanges:
8.5M Americans Projected to Enroll in PPACA Exchanges, More Than Expected
Hospital Groups Support Grace Period for Unpaid Premiums
Colorado Releases Exchange Health Insurance Rates