Dive Brief:
- Congressman Joe Pitts (R-Pa.) has announced plans to introduce a new bill designed to protect the personal information of health insurance exchange users.
- The bill would require HHS to inform consumers within two days about any breach experienced by the federal and state-operated health insurance exchanges that leaves consumer data at risk.
- The House is expected to vote on the bill this week.
Dive Insight:
While Congressman Pitts may have good intentions, he's opening up a real can of worms here. Of course the exchanges ought to let consumers know if the data has been compromised, but getting those notifications out within 48 hours—especially if the breach came from technical trouble or poor organization with the exchange—is something that even a private organization with less bureaucratic responsibilities would find very difficult to do. If the real goal of such legislation is to keep exchanges on their toes, there are more direct and effective ways to do so.