Initial cybersecurity risk assessments of state systems linking to federal computers to help enroll people for coverage under the new health care law found widespread risks. These assessments by the federal Health and Human Services department were provided by the House Oversight and Government Reform Committee. The Obama administration says they represent "outdated" snapshots and that security issues were either resolved or are being addressed. States need approval to connect to federal computer systems. States with high-risk issues can be approved if they are tackling the problems.
The potential impact of security flaws is rated high if a breach could have a severe or catastrophic impact on organizational operations, organizational assets, or individuals; moderate if the consequences would be serious, and low if the adverse effects would be limited. No information was provided for Delaware and New Jersey.
(asterisk)Approval was recommended for Arizona because the state had a mitigation plan.
Source: U.S. House Committee on Oversight & Government Reform