Till final week, the system that’s used to enroll individuals in federal Inexpensive Care Act insurance coverage inadvertently allowed entry by insurance coverage brokers to shoppers’ full Social Safety numbers, info brokers don’t want.

That raised considerations in regards to the potential for misuse.

The entry to policyholders’ private info was one of many issues cited in a KFF Well being Information article describing rising complaints about rogue brokers enrolling individuals in ACA protection, also referred to as Obamacare, or switching shoppers’ plans with out their permission as a way to garner the commissions. The shoppers are sometimes unaware of the modifications till they go to make use of their plan and discover their medical doctors aren’t within the new plan’s community or their medication aren’t lined.

Agent Joshua Brooker instructed KFF Well being Information it was comparatively simple for brokers to entry full Social Safety numbers by way of the federal insurance coverage market’s enrollment platforms, warning that “dangerous eggs now have entry to all this non-public details about a person.”

On April 1, the morning the article was posted on NPR’s web site, Brooker mentioned, he received a name from the Facilities for Medicare & Medicaid Providers questioning the accuracy of his feedback.

A CMS consultant instructed him he was improper and that the numbers have been hidden, Brooker mentioned April 7. “I illustrated that they weren’t,” he mentioned.

After he confirmed how the knowledge might be accessed, “the quick response was a scramble to patch what was acknowledged as ‘problematic,’” Brooker posted to social media late final week.

Brooker has adopted the problem intently as chair of a market committee for the Nationwide Affiliation of Advantages and Insurance coverage Professionals, a commerce group.

After some cellphone calls with CMS and different technical specialists, Brooker mentioned, the federal web site and direct enrollment companion platforms now masks the primary six digits of the SSNs.

“It was fastened Wednesday night,” Brooker instructed KFF Well being Information. “That is nice information for shoppers.”

An April 8 written assertion from CMS mentioned the company locations the very best precedence on defending shopper privateness.

“Upon studying of this method vulnerability, CMS took quick motion to achieve out to the direct enrollment platform the place vulnerability was recognized to ensure it was addressed,” wrote Jeff Wu, appearing director of the Middle for Shopper Data & Insurance coverage Oversight at CMS.

He added that the Social Safety numbers weren’t accessible by way of routine use of the platform however have been in a portion of the positioning referred to as developer instruments. “This situation doesn’t impression healthcare.gov,” Wu wrote.

Brooker’s concern about Social Safety numbers centered on entry by licensed brokers to present policyholder info although the federal market, not together with the elements of healthcare.gov utilized by shoppers, who can not entry something however their very own accounts.

Whereas shoppers can enroll on their very own, many flip to brokers for help. There are about 70,000 licensed brokers nationwide licensed to make use of the healthcare.gov web site or its companion enrollment platforms. They need to meet sure coaching and licensing necessities to take action. Brooker has been fast to say it’s a minority of brokers who’re inflicting the issue.

However brokers more and more are annoyed by what they describe as a pointy enhance in the course of the second half of 2023 and into 2024 of unscrupulous rivals switching individuals from one plan to a different, or at the very least switching the “agent of document” on the accounts, which directs the fee to the brand new agent. Wu’s statements have thus far not included requested info on the variety of complaints about unauthorized switching, or the variety of brokers who’ve been sanctioned consequently.

The modifications shielding the Social Safety numbers are useful, Brooker mentioned, however gained’t essentially gradual unauthorized switching of plans. Rogue brokers can nonetheless swap an enrollee’s plan with merely their title, date of delivery, and state of residence, regardless of guidelines that require brokers to gather written or recorded consent from shoppers earlier than making any modifications.