Attorney General Tim Fox and 12 Other States Raise Concerns about Consumer Privacy Protection in Health Insurance Exchanges
Attorney General Tim Fox today announced that Montana and 12 other states have sent a letter to the U.S. Department of Health and Human Services (HHS), expressing concerns about consumers’ private information being protected under the new health insurance exchanges that are set to go into effect this fall.
“Montanans value their right to privacy, so much so that they made it an enumerated right in their state Constitution. The federal government’s lackadaisical approach to handling Americans’ private information doesn’t pass muster under any standard, and in particular Montana standards.”
The letter to Secretary Kathleen Sebelius says privacy protection measures written into HHS’s rules governing programs that assist consumers with enrolling in the planned new health care exchanges are woefully inadequate. The exchanges were created as part of the Affordable Care Act.
“Personnel working for various groups and agencies to help consumers sign up for health insurance will have significant access to consumers’ personal information, yet HHS rules lack clarity regarding privacy protection,” Attorney General Fox said. “HHS rules promise that training will be ‘extensive,’ but officials with the agency have already cut back on the required hours of training from 30 to 20 online hours because there isn’t enough time to do extensive training before the health insurance exchanges open. That’s the wrong approach and will only lead to more problems.”
The ACA provides funding for groups, such as navigators, to help consumers enroll in health insurance plans. As part of that process, these navigators and other assistance personnel will have significant access to consumers’ private and personal data. However, the letter states that HHS’s rules fail to ensure that navigators will be adequately trained to safeguard data provided by consumers. Nor do the rules make clear who is responsible if an identity theft occurs.
Even more concerning for the attorneys general is that HHS currently does not require criminal background checks or fingerprint checks of potential navigator hires and does not list any prior criminal acts as being a disqualifier for someone seeking to work with consumers.
“The risk of inadequate training is only one issue I’m concerned about,” Attorney General Fox said. “The proposed consumer safeguards also are woefully substandard and come up short when compared to other privacy protections at the state and federal level. HHS must understand that it’s not enough to simply adopt vague policies against fraud. Each person collecting information is being placed in a position of trust and will have access to a wide variety of personal information from consumers. Therefore, HHS must implement an on-the-ground plan to secure consumer information, follow up on complaints, and work with law enforcement to prosecute bad counselors; otherwise, this is a disaster waiting to happen.”
In their letter, the attorneys general raise eight areas of concern and ask HHS a series of questions about steps the agency will take to ensure citizens are protected. The attorneys general ask HHS to respond to their questions by August 28, 2013.
Attorneys general in West Virginia, Alabama, Florida, Georgia, Kansas, Louisiana, Michigan, Montana, Nebraska, North Dakota, Oklahoma, South Carolina and Texas joined in the letter.