Updated at 7:55 p.m. ET
When Congress returns next week, House Republicans will welcome their Democratic colleagues with a damned-if-you-do, damned-if-you-don’t vote.
House Majority Leader Eric Cantor, R-Va., has let it be known that the House will vote on legislation ostensibly meant to protect Americans from HealthCare.gov data breaches. Several Republicans have introduced HealthCare.gov-related security bills, so Cantor has plenty of material to work with.
“The OH No Act of 2013” (I didn’t make that up) introduced by Rep. Gus Bilirakis, R-Fla., would require the Health and Human Services secretary to inform an individual whose sensitive personal information had been compromised within an hour of the secretary’s learning of it.
Another bill would require that a federal website that gathered personal information be certified as secure and, failing that, be taken offline.
(Update: Late Friday, Cantor’s office issued an advisory of the schedule the House will take up on its return with a link to the actual bill that will be considered, “The Health Exchange Security and Transparency Act of 2014,” which simply requires the HHS secretary to notify individuals whose privacy is compromised in a data breach.)
In a memo to the House Republican Conference, Cantor explained: “To date, the administration has downplayed the risk of a data breach, perhaps in part because their primary goal is signing people up for insurance through the exchange.
“Regardless, if there is a breach, Americans shouldn’t have to wonder whether or not they will receive prompt notification so that they may act to protect their personal identity and finances. It is my intent to schedule legislation on this topic when we return next week.” Govinfosecurity.com reported on the memo.
Given its proximity to the much publicized holiday season consumer data breach at the giant retailer Target, who could oppose such legislation?
And that’s precisely the quandary for Democrats. The Target data breach, where hackers stole information for tens of millions of customers, very likely reminded many Americans of the vulnerability of their personal information in large databases.
Many voters, even ACA supporters, might go for any measures to make the HealthCare.gov site safer.
But for the Obama administration and House Democrats, the Republican effort is just the latest attempt to hobble the ACA after nearly 50 previous votes to either repeal or hamstring the law. So, of course, Democrats in safe districts will vote against whatever GOP measure finally comes to the floor, though some less safe Democrats might feel compelled to vote for it.
“It is clear that the New Year has brought no change in heart for House Republicans. … It’s time for Republicans to drop the partisan and ideological games,” said Democratic Minority Leader Nancy Pelosi in a statement issued by her office.
Aaron Albright, a spokesman at HHS’s Center for Medicare and Medicaid Services, suggested consumers had little need to worry. “To date, there have been no successful security attacks on Healthcare.gov and no person or group has maliciously accessed personally identifiable information from the site. Security testing is conducted on an ongoing basis using industry best practices to appropriately safeguard consumers’ personal information …” he said, in an emailed statement.
The federal website proved last year that it didn’t necessarily take an attack by a malicious hacker for users’ personal information to be compromised. In at least one infamous incident, a HealthCare.gov user’s personal data was made available to another user by mistake.
Administration officials say the software glitch that caused that snafu has since been fixed. But that bizarre tech mishap helped fuel the GOP drive to make HealthCare.gov’s security of personal data an issue. Getting past that for ACA’s supporters won’t be as easy as fixing an errant line of computer code.