Data security experts are questioning the technological security of the Healthcare Exchange Website, www.healthcare.gov.
It has been reported that a software tester discovered a series of possible security flaws, particularly one on the password-reset function. This glitch would have allowed a potential hacker to access email and security questions or allow a password reset email to be sent to an unauthorized user. The government has said that the problems have been fixed and continuously go through security testing.
BAS understands the importance of security with respect to passwords, including the Password request function. That is one of the reasons why email addresses entered into MyEnroll.com must be verified before use. When a new email is entered into the MyEnroll system, an email is automatically sent to the email address, requesting the recipient to validate the address. The email address can be validated by entering certain values that are specific to the user. Email verification and BAS’ password protections help ensure that MyEnroll.com does not experience the security glitches reported on www.healthcare.gov.
