Dayton reacts to MNsure breach: 'There are going to be mistakes'

Updated with legislative auditor's plan to investigate and DFL lawmakers plan for hearing

Gov. Mark Dayton on Friday acknowledged the problems with the coming Minnesota health exchange but said the 'glitches' should be expected.

"There are going to be mistakes. There're going to be glitches, and there's going to be human error as there is in any enterprise, particularly a large one like this that's just getting under way. I think overall they've done an admirable job of putting this together under severe time pressure," Dayton said in answer to questions about the exchange, called MNsure.

MNsure and its administration have come in for blistering criticism this week from a host of sources.

On Tuesday, a Democratic Senate leader said that organizers "blew it" in their outreach to the underinsured African and African-American community. Dayton called that problem a serious mistake about which people were "rightfully indignant." Acknowledging they should have concentrated on outreach to those underinsured populations, MNsure officials allocated another $750,000 in outreach spending.

Then on Friday, the Star Tribune reported that a MNsure staffer inadvertently sent an email containing the names and social security numbers of insurance agents to a broker. The breach, which MnSure officials took steps to fix, renewed fears that the state's collection of Minnesotans' health information could create serious privacy violations.

On Friday, two Republican senators asked the legislative panel tasked with MNsure oversight to look into privacy concerns with the system.

By Friday afternoon, the Democratic chairs of the oversight panel said they planned to call a hearing to discuss the data release.

"We take the reported release of personal data very seriously," Sen. Tony Lourey, DFL-Kerrick, and Rep. Joe Atkins, DFL-Inver Grove Heights, said in a letter.

In reaction to the storm on Friday, Dayton said the data release was serious but attributable to "human error."

"The breach of privacy was a serious violation of their protocol and their procedures and they'll learn from that and it will make them even stronger in the days following," the governor said. "I think there are going to be instances of human error and the like that, unfortunately, are going to get all the attention."

Legislative Auditor Jim Nobles said Friday his office will investigate the MNsure data security practices of MNsure, in the wake of an employee sending the email to a broker's office that contained Social Security numbers, addresses and names of more than 2,400 people.

Nobles said he had long expected there would be data security issues with MNsure, "we just didn't expect it to happen so soon."

"A lot of people who know this world have been very concerned, rightly, about the more sophisticated vulnerabilities and risks that exist, both external and internal," he said.

Dayton said he could "absolutely" assure Minnesotans that their information would be "as safe as anything can be."

In his defense of MNsure, the governor also noted that the insurance policy rates that Minnesotans will get using the exchange, which were announced last week, were considerably lower than the proposed rates in other states.

But that too has undergone some criticism. On Friday, Dayton was asked about a contention that the rates were purposely set low to protect Democrats up for re-election next year. The governor quickly dismissed the notion.

Earlier this year, the governor signed the health exchange measure into law at the same time he said it was a 'big gamble.' But on Friday, while acknowledging the stumbles, he has also defended the plan to help get Minnesotans affordable health care.