IT Innovation. Business Value.

Executive Brief: Health Insurance Exchanges (HIX)

In 2010, the Patient Protection and Affordable Care Act and the Health Care and Education Reconciliation Act were signed into law. The two laws are collectively referred to as the Affordable Care Act (ACA).These laws established the Health Insurance Exchanges (HIX) that are expected to provide an estimated 20 – 40 million Americans and small businesses access to affordable healthcare. With deadlines quickly approaching, States are challenged with meeting Federal certification requirements by January 1, 2013, and be fully operational by January 1, 2014.

Please note, this executive brief is an abbreviated version of the original. For the full version with charts, please view the Executive Brief: Health Insurance Exchanges (HIX).



Creating an Efficient and Competitive Market Through Technology

The Affordable Care Act was the largest single piece of legislation during President Obama’s first two years in office, and the most controversial. After decades of failed attempts by the Democrats, the legislation was signed on March 23, 2010, to overhaul the health care system and grant access to medical insurance for millions of American citizens.

With just over one year to go before the Exchanges are required to be operational, States must move quickly. Speed is the operative word. With so little time, it is imperative that the States develop HIX solutions that can be implemented quickly, using standard technology and well-known methodologies.

High Security Requirements

Even though speed of implementation is critical, security is mandatory. The number one concern of consumers about participating in Exchanges is whether their data will be safe. Any exposure of health data can lead to severe legal and political consequences.

HIX security, like any electronic system that is exposed to the public, has several key issues that must be considered, including:

  1. Protecting private healthcare data from hackers
  2. Ensuring all equipment and network components are protected from intentional and unintentional harm
  3. Creating necessary security procedures, and ensuring personnel are properly trained on the processes for maintaining the Exchange

In this very complex and politically volatile healthcare environment, States experience high pressures to minimize any risk of a security breakdown or breach. Additionally, if the infrastructure and applications used to support the HIX are commercial off-the-shelf products, there is added concern that
a simple bug or virus, which escaped detection by the software or hardware manufacturer before it shipped, could compromise the entire HIX landscape.

To continue reading, please view the full PDF here.