A picture of Representative Chris Van Hollen
Chris V.
Democrat MD 8

About Rep. Chris
  • Health Exchange Security and Transparency Act of 2014

    by Representative Chris Van Hollen

    Posted on 2014-01-10

    submit to reddit

    VAN HOLLEN of maryland in the house of representatives Friday, January 10, 2014 Mr. VAN HOLLEN. Mr. Speaker, I rise today in opposition to H.R. 3811. I feel strongly that the public and private sector should establish clear rules to protect Americans' personally identifiable information and an obligation to notify them promptly of any security or privacy breaches. The bill establishes a 48 hour notification requirement for any breaches of personally identifiable information from the Affordable Care Act Marketplaces. I would like to see an even shorter notice period, perhaps within 24 hours. However, whatever standard we use should apply to other government information systems. Moreover, we should take a comprehensive approach that also considers standards to protect consumers from involuntary disclosures of sensitive information from systems in the private sector. For example, private health insurance companies, which store large amounts personal health information, should also be subject to privacy and notification requirements. The recent incidents such as the massive data breaches at Target and Neiman Marcus illustrate the need for standards to be applied across the internet.

    This bill's failure to protect consumers from the wide array of potential security lapses reveals it for what it is--simply another politically motivated attack on the Affordable Care Act. The obvious goal is to scare people away from using the internet-based Marketplaces to sign up for coverage under the Affordable Care Act. The truth is there have been no successful attacks on the site, it is continually being monitored, and stringent protocols exist should a breach occur. Moreover, because the Affordable Care Act prohibits insurance companies from discriminating against individuals with pre-existing health conditions, the website does not collect or store detailed health personal health information. This hastily drafted legislation also contains other flaws. Specifically, it lacks important exceptions for law enforcement requirements, which could threaten ongoing investigations.

    Mr. Speaker, today's bill is not a policy solution; it's a scare tactic. There is no doubt that we must strengthen security features of all systems that contain American's personally identifiable information. I urge my Republican colleagues to work with Democrats on crafting serious, workable legislation to ensure the security of sensitive information on the internet.


  • submit to reddit
  • Register your constituent account to respond

    Constituent Register