Tuesday, September 23, 2014
WASHINGTON, D.C. – Congressman Robert Hurt (R-Virginia) released the following statement after introducing H.R. 5610, the Healthcare Consumer Privacy Act, along with Congressman John Barrow (D-Georgia), which will enable individuals to remove their profiles from the federal healthcare website, HealthCare.gov:
"Hearing from those living and working in Virginia's Fifth District continues to be my greatest resource as I serve them. Their input has not only generated creative ideas but brought to light problems created by some of the big government programs coming out of Washington. Recently, a constituent contacted our office to express concern over the fact that he was unable to delete his profile from Healthcare.gov, even though he ultimately decided not to sign up for healthcare coverage.
"Creating a profile requires entering personally identifiable and often sensitive information and, given the recent breach in security of the website, Fifth District Virginians are understandably concerned by the federal government holding onto their information. Cybersecurity vulnerabilities pose a significant threat to individual privacy, but this Administration has been so focused on getting Healthcare.gov to function at a basic level that it did not take sufficient action to ensure that users' personal information will be protected despite spending hundreds of millions of taxpayer dollars to build the site.
"Clearly, major cybersecurity risks exist within the online federal marketplace, and these grave security concerns make it even more imperative that individuals have the ability to remove their personal information permanently from Healthcare.gov, which this bill enables. The bipartisan Healthcare Consumer Privacy Act is a direct response to these concerns about privacy and the protection of personal information for those using Healthcare.gov, and it is a compliment to the robust oversight we in the House are conducting to press the administration to protect this data.
"It is my hope that this bill moves swiftly through the legislative process, and I look forward to working with Rep. Barrow and my colleagues to ensure that individual privacy is protected."
A constituent recently contacted Congressman Hurt expressing concern that he could not delete the profile he created on Healthcare.gov after he decided not to purchase a plan on the site. Congressman Hurt wrote a letter to the Department of Health and Human Services on the constituent's behalf asking them to delete the profile, but they refused to comply with this request. Healthcare.gov has been plagued by security vulnerabilities since its launch nearly a year ago. In July, HealthCare.gov was hacked, and the malicious software embedded in the site was not even discovered for weeks. Just last week, the Government Accountability Office (GAO) released a study pointing out that several privacy and security risks from the site's launch, almost a full year ago, had not yet been fixed. The GAO reported that there are still serious risks of unauthorized access, disclosure, and modification to all information collected and maintained by this website.