In it, but not of it. TPM DC

Eric Cantor Reveals GOP's New Plan To Target Obamacare

AP Photo / J. Scott Applewhite

Cantor pointed to four investigations by Republican-led House committees that detailed the potential for online data breaches in the Obamacare exchanges. His memo came soon after the law's major coverage benefits via the exchanges and Medicaid expansion took effect on Jan. 1.

Current law lets the Obama administration decide whether whether "a risk of harm exists" as a result of data breaches "and if individuals need to be notified."

To verify eligibility, the online Obamacare application asks prospective enrollees for information such as their names, addresses, phone numbers, date of birth, income and family size. Email addresses and Social Security numbers are optional. It does not inquire about their medical histories.

"American families have enough to worry about as we enter the new year without having to wonder if they can trust the government to inform them when their personal information -- entered into a government mandated website -- has been compromised," Cantor wrote in the memo.

A spokesman for House Minority Leader Nancy Pelosi (D-CA) dismissed Cantor's proposal as more "partisan and ideological games" over Obamacare.

"It is clear that the New Year has brought no change in heart for House Republicans," said the spokesman, Drew Hammill. "They continue to remain intent on undermining or repealing the Affordable Care Act at every turn, and that effort even extends to scaring their constituents from obtaining health coverage."

Late Update: Jan. 3, 2014, 2 p.m. EST

The Center for Medicare and Medicaid Service, which administers Obamacare, responded Friday to Cantor's assertions, saying there have been "no successful security attacks" on and that the website is security-tested on a regular basis.

"The privacy and security of consumers’ personal information are a top priority for us. When consumers fill out their online Marketplace applications, they can trust that the information that they are providing is protected by stringent security standards. To date, there have been no successful security attacks on and no person or group has maliciously accessed personally identifiable information from the site," said CMS spokesman Aaron Albright. "Security testing is conducted on an ongoing basis using industry best practices to appropriately safeguard consumers’ personal information. The security of the system is also monitored by sensors and other tools to deter and prevent any unauthorized access. The components of the website that are operational have been determined to be compliant with the Federal Information Security Management Act (FISMA), based on standards promulgated by the National Institutes of Standards and Technology (NIST) and promulgated through the Office of Management and Budget (OMB)."