Concern Grows Over Personal Data Stored on Government Health Care Servers

At a time when massive data breaches of both corporations and our federal government are all too commonplace, the last thing Americans want to hear is that there is a large mine of sensitive personal information being kept on anyone who has even considered signing up for health care insurance through the government.

Unfortunately it's true, and it's starting to raise major concerns among elected officials, security experts and civilians alike.

Get LifeLock protection now.

The treasure trove in question is called MIDAS - or Multidimensional Insurance Data Analytics System - and is used by the federal government to store information about Americans inquiring about health care through the Affordable Care Act (ACA), often referred to as "Obamacare."

MIDAS contains the information of anyone who has created a user account on - even if they ultimately didn't sign up for coverage.

The accounts include such sensitive personal information as one's name, Social Security number, birthdate, address, phone number, passport number, employment status and financial accounts.

Now, storing information on customers is not uncommon - but standard practice usually includes putting a maximum length of time on the keeping the information.

According to the Associated Press, the ACA and MIDAS have no identifiable date for the purge of this information as of yet, and say they intend to keep it "indefinitely."

In light of recent cyber attacks on companies and government computer systems in the United States, this fact is raising a lot of red flags.

"I accept they have an operational reason, if not a legal obligation, to keep data for a reasonable period," former Social Security commissioner Michael Astrue told the Associated Press - but when asked if the ACA should keep that information "indefinitely," Astrue said, "I don't think they should be allowed to do it."

Michelle De Mooy, deputy director for consumer privacy at the Center for Democracy and Technology, said it concerns her that the flow of information to MIDAS from is not mentioned in the site's privacy policy - therefore, most don't even realize their information is being stored there.

"It doesn't make any sense that it wouldn't be listed in the privacy policy," De Mooy said.

Before the website went live in 2013, Obama administration officials assured lawmakers and the public that an individual's personal information would be used mainly to determine eligibility for coverage, and that the Affordable Care Act "would have a limited impact on privacy."

But with multiple breaches of government computer systems recently - including the White House and State Department systems; the Internal Revenue Service; and the Office of Personnel Management, which keeps human resources information on government employees - it's understandable that many are now questioning that statement.

4 Million Members and Counting


"I almost lost my job because someone used my driver’s license and received 8 violations."
- Casey S.


"All of my personal information, even my social security card, was taken."- Jamie A.

It only takes minutes to sign up.

Start Your Membership