A Columbia attorney at the center of a data-breach controversy over the government’s new health care website said Wednesday that he is ready to put the issue behind him.
Thomas Dougall became the unwitting face this week of public dissatisfaction with the troubled HealthCare.gov website that many Americans have tried to use to sign up for new medical coverage under the Affordable Care Act.
The retired Army officer and 1984 University of South Carolina School of Law graduate entered his information into the site to see if he could save on his health plan. Friday, he was contacted by a North Carolina man who said the site had given him Dougall’s personal information.
Dougall expressed frustration in media reports Tuesday that the government still had not contacted him or resolved the issue.
Dougall said he finally was contacted mid-afternoon Tuesday by the federal Centers for Medicare & Medicaid Services in Washington and told the breach that allowed his information to be incorrectly accessed by another visitor to the Affordable Care Act had been corrected.
“They told me they had fixed the system so nobody could get into my account anymore,” Dougall said. “I told them that wasn’t what the request was. The request was that my account be deleted and that my daughter’s account be deleted.”
It took about three hours longer to find the proper expertise to accomplish that, Dougall said, but with assistance from U.S. Sen. Tim Scott, R-Charleston, at 7 p.m. Tuesday the agency sent him confirmation providing sufficient proof to him that both his and his daughter’s accounts had been deleted from the system.
“I wanted my information off the website because the website is not secure, and now that that has happened. As far as I’m concerned, I’m done with it,” Dougall said Wednesday in a phone interview.
Dougall, who described himself as a “well-educated, affluent person who knows how to fight the system,” also said he doesn’t have an ax to grind now over the account breach.
“Unfortunately, it took a congressional hearing and all these silly interviews with national media outlets to make it happen. But it finally happened last night,” Dougall said Wednesday.
“We never went beyond just browsing to see what the prices were,” said Dougall, noting coverage through the new system was more expensive than the insurance that he currently has in effect. “Certainly, for other folks out there who are logging into this system, they need to know that it’s not secured.”
Obama administration officials are facing mounting questions about whether they cut corners on security testing for the website while rushing to meet a deadline to launch online health insurance markets.
Documents show the part of the HealthCare.gov site that consumers interact with directly received only a temporary six-month security certification because it had not been fully tested before Oct. 1, when the website went live. That part of the site also stores personal information.
The administration insists the trouble-prone website is secure. But technicians had to scramble to make a software fix earlier this week after learning of the security breach involving Dougall.
An administration spokeswoman said that, as of Tuesday, Dougall’s complaint was the only report of a breach that the government had received. A serious security breach would be an unwelcome game-changer for an administration striving to turn the corner on technical problems that have inconvenienced millions of consumers and embarrassed the White House.
“If you haven’t done end-to-end testing, how can we say with certainty how hard or easy it is for cybercriminals to attack at different points in the process?” asked former White House chief information officer Theresa Payton, a former bank security executive who now runs her own company. “It makes me shudder a little.”
The Associated Press contributed.