A technical error in a federal healthcare database briefly exposed Social Security information belonging to healthcare providers.

The incident has raised concerns about data handling within the Centers for Medicare and Medicaid Services (CMS), which oversees Medicare and Medicaid programs in the United States under President Donald Trump’s administration.

CMS Removes Directory After Data Exposure

The issue came to light after reporters identified sensitive information published in CMS’s National Provider Directory, a public-facing platform designed to help Medicare beneficiaries find healthcare professionals. The database reportedly includes records for more than seven million providers.

CMS removed the directory from public access after being alerted to the issue. According to a CMS spokesperson quoted by The Washington Post, the problem occurred when some providers entered Social Security numbers in the wrong fields during online form submission.

“The agency has taken steps to address it promptly and reinforce safeguards around data submission and validation,” CMS said in its statement to the newspaper.

Officials did not immediately confirm the full scope of the exposure, but reports indicate that at least 100 healthcare providers had sensitive information briefly accessible before the system was taken offline.

How the Error Occurred

CMS said the exposure was not caused by an external cyberattack but by user input errors combined with insufficient validation checks in the system. When providers filled out registration forms, some placed Social Security numbers in fields that were not properly restricted or flagged as sensitive.

Also Read: 4,000,000 Disabled and Old Americans to Lose Money in New Social Security Rule Change

The National Provider Directory is part of a broader CMS effort to improve access to healthcare information for Medicare beneficiaries. It is intended to allow patients to search for doctors, verify coverage, and compare services across providers.

However, the system has faced repeated criticism since its rollout. Lawmakers have previously raised concerns about inaccuracies in the database, including misclassified insurance coverage and duplicate entries.

In November, Oregon Senators Jeff Merkley and Ron Wyden wrote to CMS Administrator Mehmet Oz expressing concern about what they described as “erroneous, conflicting, and duplicative information” in the system. They warned that rushed implementation could mislead seniors and potentially lead to unexpected medical bills.

CMS has said it is working to improve data accuracy and strengthen validation systems to reduce future errors.

Previous Concerns Over Data Handling

The latest incident adds to growing scrutiny over how CMS manages sensitive personal information. Earlier reports raised concerns that Social Security data was being stored in unsecured cloud environments linked to government systems, prompting warnings from whistleblowers within federal agencies.

Senator Wyden has previously criticized the handling of Social Security information, calling earlier reports “a clear example of how the administration is playing fast and loose with Americans’ most sensitive personal information.”

The Trump administration has defended its modernization efforts across federal agencies, including healthcare systems, arguing that digital tools are necessary to improve access and efficiency in public services.

Also Read: Tomorrow Is Payment Day: Who Gets Social Security Checks on April 15

Why This Matters

The exposure raises broader questions about how federal healthcare systems protect sensitive personal data as they expand online services.

CMS databases are widely used by seniors, insurers, and healthcare providers, making accuracy and security essential to maintaining trust in Medicare services.

Even limited exposure of Social Security numbers can carry long-term risks, including identity theft and financial fraud, particularly when linked to healthcare records.

The incident also comes at a time when federal agencies are under pressure to modernize outdated systems while preventing data breaches and operational failures.

Lawmakers from both parties have warned that rapid digital expansion without strong safeguards can create vulnerabilities that affect millions of Americans.