01/10/14 In an effort to strengthen cybersecurity and protect consumers, Congresswoman Jackie Walorski co-sponsored the Health Exchange Security and Transparency Act (H.R. 3811) which requires the Department of Health and Human Services (HHS) to notify individuals if their personally identifiable information is stolen or unlawfully accessed through the health care exchanges. HealthCare.gov is currently highly susceptible to data breaches due to inadequate oversight and security.
“As Hoosiers attempt to enroll in the health care exchange, they deserve to know their most personal information is safe from identity theft and security breaches,” said Walorski. “Security measures for this national online health care program should have been the Administration’s top priority before opening enrollment. Passage of this straightforward bill will safeguard consumers, ensuring their personal information is adequately protected.”
The Health Exchange Security and Transparency Act requires HHS to notify an individual of a security breach of their personal information within two business days after the discovery. As it stands, there are no laws in place requiring HHS to notify consumers if their most sensitive information, including Social Security Numbers and credit card account numbers, is compromised. In fact, HHS officials admitted they did not perform a complete Security Control Assessment before launching HealthCare.gov on October 1st.
Since serving in the Indiana State House, Congresswoman Jackie Walorski has authored and supported cybersecurity legislation to improve consumer protection and prevent data breaches of personally identifiable information. Last summer, Walorski completed a district-wide tour to increase cybersecurity awareness amongst Hoosier seniors. Security concerns with HealthCare.gov were vocalized by numerous constituents, including health care administrators overseeing senior patients.