Audit: Many factors aided MNsure breach
Published 9:53 am Friday, November 8, 2013
ST. PAUL — Leaders of Minnesota’s new health insurance exchange could have done more to prevent the disclosure of Social Security numbers belonging to about 1,600 insurance agents, the state legislative auditor reported Thursday.
The auditor examined a September data breach by MNsure, the customer portal for purchasing insurance under the federal health overhaul. The report said the release was an accident and the agency responded properly, but it rejected claims from MNsure’s executive director that what happened was only “an HR issue” that was addressed by firing the employee who was directly responsible.
“That version of what happened overlooks a series of significant decisions made not by the employee who inadvertently disclosed private data but by others at MNsure,” the report read. In a written response, executive director April Todd-Malmlov took no issue with the report’s findings and laid out multiple responses underway to prevent future mistakes.