Health insurance exchange didn’t report 44 data breaches, but were hit with no security mandates

The health insurance exchange for Connecticut, Access Health, faced a whopping 44 data breaches over the course of three and a half years. But while the audit report detailing these compromises names a host of security and compliance shortcomings, the state auditor merely made recommendations to the HIE to remediate the issues without requiring changes.

The failure to enact sharper enforcement begs the question: where’s the accountability? As Lee Barrett, executive director of the Electronic Health Network Accreditation Commission (EHNAC) puts it, “The bigger issue here is that there’s no accountability.”

To read the full article, visit SC Media.