House and Senate Committee Leaders Press Administration on HealthCare.gov Security

Administration’s Blog Post Leaves Many Questions about HealthCare.gov Security Unanswered

Posted on January 30, 2015

WASHINGTON, Jan. 30, 2015 – Republican leaders in the House and Senate today sent a letter to Health and Human Services Secretary Sylvia Burwell amidst growing concerns about the security and privacy of consumer information shared on HealthCare.gov. This letter follows a September 17, 2014, letter to the Centers for Medicare and Medicaid Services regarding a report from the Government Accountability Office outlining security vulnerabilities on HealthCare.gov. The leaders have not yet received a response to the September request and recent reports raise new questions about the protection of consumer information on HealthCare.gov. 

The leaders write, “The administration initially defended its information sharing practices in the wake of these revelations, but in a Saturday, January 24th, evening blog post it acknowledged that at least some of the consumer protection concerns raised about HealthCare.gov are warranted. Specifically, in the blog post, the administration announced that it had taken ‘an additional step to better protect consumers’ information’ … Unfortunately, it is not at all clear that this layer of protection is sufficient.” 

Staff conducted an analysis of HealthCare.gov in the wake of these reports and, “it appears that when an individual visits HealthCare.gov, information about that person is shared through an automated process with companies such as Google, Twitter, Yahoo, and Advertising.com.  In most instances, this information is shared long after their visit to HealthCare.gov has concluded.” 

Furthermore, “Information discovered through staff analysis conducted directly before and after CMS’ January 24th, announcement has also raised questions about whether at least one company with access to HealthCare.gov consumer information is sharing all or some subset of that information with third parties.” 

In order to better understand these security and privacy concerns, the leaders have a series of questions and document requests related to the administration’s handling of this most recent HealthCare.gov issue. 

Read the complete letter online HERE

The letter was signed by House Energy and Commerce Committee Chairman Fred Upton (R-MI), Senate Health, Education, Labor, and Pensions Committee Chairman Lamar Alexander (R-TN), House Ways and Means Committee Chairman Paul Ryan (R-WI), Senate Finance Committee Chairman Orrin Hatch (R-UT), House Oversight and Government Reform Committee Chairman Jason Chaffetz (R-UT), Senate Judiciary Committee Chairman Chuck Grassley (R-IA), Senate Commerce Committee Chairman John Thune (R-SD), and Senate Committee on Homeland Security and Governmental Affairs, Permanent Subcommittee on Investigation Chairman Rob Portman (R-OH).

# # #