JayFm News Commentary:
The Need for Plateau State Contributory Healthcare Management Agency to Address the Issue of Data Breach of Participants Under the Scheme
Written by Joey Shekwonuzhibo on July 30, 2022
It is written by Joseph Gilbert of our news and current affairs department
As captured in section 14 subsection 2 (b) of the 1999 constitution as amended, the role of government is to provide the security of lives and property of Nigerian citizens.
There is no gain in saying that failure to do so constitutes a breach on the part of government which should not be allowed to take root in the country.
Interestingly, The security of lives as thought out in the constitution does not only start and end with the prevention of armed confrontation against citizens alone.
Health security is in fact, a major aspect of security.
As it is with the federal government, so it is with the state government.
Here in Plateau state, efforts by the State government to provide healthcare insurance to citizens climaxed into what is now known as The Plateau State Contributory Healthcare Management Agency,a program designed to bring affordable healthcare to the people of the state.
But recently, the management of the agency came under scrutiny raising concerns about the safety of the citizens under the program
This followed an online research publication, website planets, which had in it’s report accused PLASCHEMA of a data breach in the management of the agency by leaving it’s buckets in open form, without any encryption or password protection for the citizens enrolled in the scheme.
According to the report ,11 of PLASCHEMA’s buckets were left unsecured without any authentication or encryption controls in place.
The report insisted that the organization’s buckets exposed over 75,000 files totaling around 45GB of data.
The report which also noted that each unsecured bucket contained PII belonging to program applicants from a different city located in Plateau State added that among other files, the open buckets contained ID cards that exposed a range of applicant PII.
Based on the volume of these files, the report estimated that over 37,000 people may have been affected by PLASCHEMA’s data incident.
Expectedly, the report generated an outcry from members of the public with many of them calling on the National Information Technology Development Agency, NITDA, to wade into the matter in order to guarantee the safety of participants under the health program
.It is disheartening that rather than address the issues raised by the online research publication, the Director General of PLASCHEMA, Dr. Fabong Jemchang, quickly rushed to the press to dismiss the report, leaving many questions unanswered.
Such a serious issue calls for prompt action and should not be treated with levity.
PLASCHEMA can not afford to manage the agency while exposing the lives of the citizens to danger
At a time when bandits and terrorists either kidnap or launch unprovoked attacks on Nigerians with the government itself watching helplessly, exposing citizens’ data such as occupation, locations, and workplaces, among others, means volunteering information that the unscrupulous elements require to carry out their nefarious activities.
There is also the possibility of the affected citizens falling victim to Cybercrimes.
Therefore, PLASCHEMA needs to rise up to the challenge and address the issues surrounding the reported data breach in the management of beneficiaries under the scheme as doing otherwise will erode the confidence of Plateau citizens in the health care program