Tuesday, November 12, 2013

A Major Security Hole in the Medicaid Enrollment Part of HealthCare.gov

David Steinberg at PJMedia points to a serious security flaw that allows persons not even resident in the U.S. to apply for Medicaid and get it for at least 90 days:
While troubling, final approval of fraudulent applications represents a lesser element of the problem regarding non-citizen enrollment. The greater concern is initial approval:
  • Applicants attempting to register for Medicaid as non-citizens by using Healthcare.gov will have their identification checked in real-time by the SAVE (Systematic Alien Verification for Entitlements) database. But if SAVE verification fails, the applicant is not prevented from enrolling in Medicaid/CHIP.
  • In fact, the opposite occursthe applicant is likely enrolled in Medicaid immediately.
  • The applicant is then given a 90-day period to clear up the identification problem.
  • This “enroll first, confirm later” regulation, combined with the ACA’s easing of verification requirements, allows anyone, from a computer anywhere in the world, to successfully auto-enroll for 90 days of Medicaid by entering fraudulent information about being a certain category of legal alien living in the United States.
  • There is no guarantee that state governments will take action to cancel these enrollments at the end of each application’s 90-day period if identification is never provided. The cancellation of unverified enrollments is left to each state’s available manpower and political will.
To say that this is troubling does not even begin to describe it.  This does not seem to be intentional -- but think of the Nigerian spammers all doing this at once, and then supplying Medicaid information to Medicaid fraud doctors in the U.S.

1 comment:

  1. Know how you feel my G5 died, lossof coolant accident, What we in the nuke field called a LOCA. Then the 23 inch monitor died a week later.