Does Federal Health Data Warehouse Pose Privacy Risk?

Not too long ago, few consumers were aware of the threat data thieves posed to their privacy, and far fewer had even an inkling of how vulnerable many large commercial databases would turn out to be.

But as consumer health data has gone digital — and average people have become more aware of the extent to which data breaches can affect their lives — they’ve grown more worried, and for good reason. As a series of spectacular data breaches within health plans has illustrated, both their medical and personal data might be at risk, with potentially devastating consequences if that data gets into the wrong hands.

Considering that these concerns are not only common, but pretty valid, federal authorities who have collected information on millions of insurance customers need to be sure that they’re above reproach. Unfortunately, this doesn’t seem to be the case.

According to an Associated Press story, the administration is storing all of the data in a perpetual central repository known as MIDAS. MIDAS data includes a lot of sensitive information, including Social Security numbers, birth dates, addresses and financial accounts.  If stolen, this data could provide a springboard for countless case of identity or even medical identity theft, both of which have emerged as perhaps the iconic crimes of 21st century life.

Both the immensity of the database and a failure to plan for destruction of old records are raising the hackles of privacy advocates. They definitely aren’t comfortable with the ten-year storage period recommended by the National Archives.

An Obama Administration rep told the AP that MIDAS meets or exceeds federal security and privacy standards, by which I assume he largely meant HIPAA regs. But it’s reasonable to wonder how long the federal government can protect its massive data store, particularly if commercial entities like Anthem — who arguably have more to lose — can’t protect their beneficiaries’ data from break-ins. True, MIDAS is also operated by a private concern, government technology contractor CACI, but the workflow has to impacted by the fact that CMS owns the data.

Meanwhile, growing privacy breach questions are driven by reasonable concerns, especially those outlined by the GAO, which noted last year that MIDAS went live without an in-depth assessment of privacy risks posed by the system.

Another key point made by the AP report (which did a very good job on this topic, by the way, somewhat to my surprise) is that MIDAS’ mission has evolved from a facility for running analytics on the data to a central clearinghouse for data sharing between CMS and health insurance companies and state Medicaid organizations. And we all know that with mission creep can come feature creep; with feature creep comes greater and greater potential for security holes that are passed over and left to be found by intruders.

Now, private healthcare organizations will still be managing the bulk of consumer medical data for the near future. And they have many vulnerabilities that are left unpatched, as recent events have emphasized. But in the near term, it seems like a good idea to hold the federal government’s feet to the fire. The last thing we need is a giant loss of consumer confidence generated by a giant government data exposure.

About the author

Anne Zieger

Anne Zieger

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.


  • We need to come to the belief that all our Health Records will be available to anyone in the world, just like a Photo you share. We have to eliminate the SSN no any sites, as is happening, and just agree anyone can see if you have a health problem.

    Reality, US Government, Private or Quasi-Public Sites can and will be violated by the Billion Dollar Hacking Community. Data will be stolen, encrypted or not.

    So at the heart of this is to agree to this, move on and let the information out. Have AIDS, Hepatitis, Herpes, etc…. so what.

    Otherwise, we need to abort this concept, as no system will truly secure the data, no matter how much they spend on Firewall Software, Monitoring and Encryption. For everyone of these, someone else is reversing the logic.

    What is next, everyone in the nation gets a RSA key.

  • Sophia,
    Granting that and agreeing to it, then we have to also agree that no data is private. I believe the PATIENT should not have data provided to a HIE or Portal without permission. See Patients can choose if they want to retrieve from the Portal/HIE, but practices and Software are sending the data to these with or without their permission.

    Also not as common as you might think, over 37% providers choose not to participate in Meaningful Use. Many are Medicare Advantage and will not participate in programs. Further, many providers on the first audit and/or when another provider has troubles, will deinstall portals and software, it’s already happening since many of the software itself is poorly written and function poorly.

    Further, many have not met Stage 2, and if they fail, they will not continue, to busy to deal with all this in addition to their daily work.

  • I cannot believe the proponents of such “opt-in” policies! You might as well make sure that your patients are not allowed to go anywhere outside of your network. If I have a condition and want to get treated by a specialist who is out of network and my data needs to be seen by him/her I dont want that to be gated by my decision.

  • This is a really good point Anshuman. I think we’re going to start seeing some decisions around this. Especially with value based care and ACOs.

Click here to post a comment