HealthCare.gov Security Bill Opposed by the Administration Passes in the House

by John Fund

The federal Obamacare website is a security disaster waiting to happen. Two security experts at the Center for Medicare and Medicaid Services have told House investigators that they recommended against launching it in October due to security concerns that it would be a target for hackers and identity thieves. That’s a major reason that over one-third of House Democrats jointed every single Republican today to require that the federal government quickly notify Americans in the event that their personally identifiable information is jeopardized on the health law’s exchanges. The bill passed this morning by 291 to 122 and goes to the Senate where it faces an uncertain future.

But it shouldn’t. While the House was voting, news broke that Target Corp. was announcing that up to 70 million of its customers saw their records hit by identity thieves last November and December. Reuters reported that :

Target said on Friday an ongoing forensic investigation showed that certain customer information in addition to the originally reported payment card data had been stolen.

The investigation showed that stolen information included names, mailing addresses, phone numbers and email addresses of customers in addition to those who swiped their cards during the 19-day breach period, Target spokeswoman Molly Snyder said.

. . . Target said customers will have zero liability for the cost of any fraudulent charges.

Target Corp. was required by federal law to alert all of its customers about any security breach. But HealthCare.gov’s designers exempted it from any such requirement, even though the Federal Register shows that outside experts begged them to put in accountability provisions. The House bill by representatives Joe Pitts of Pennsylvania and Diane Black of Tennessee would fix that glaring transparency omission. But the Obama administration strongly opposed the bill even though the doctrine of sovereign immunity severely limits the extent to which the federal government would ever be liable for any damages caused by a security breach.

Clearly, as far as HealthCare.gov is concerned the operating principle is: One law for the private sector and one law for Obamacare.