Attorney General Morrisey Disappointed by Lack of Response From HHS to Letter From 13 Attorneys General
CHARLESTON — Attorney General Patrick Morrisey said today he is disappointed that the U.S. Department of Health and Human Services did not respond to a letter he and 12 other state attorneys general sent expressing grave concerns about regulations associated with the new health insurance exchanges putting consumers’ private information at risk.
“It is unfortunate that neither Secretary Kathleen Sebelius nor anyone else in the Department responded to direct and important questions and concerns raised by one-quarter of the states’ attorneys general,” Attorney General Morrisey said. “However, we are taking additional steps. On Aug. 21, we sent a Freedom of Information Act request to the Department of Health and Human Services seeking information related to the concerns raised in the letter.”
Attorneys general in West Virginia, Alabama, Florida, Georgia, Kansas, Louisiana, Michigan, Montana, Nebraska, North Dakota, Oklahoma, South Carolina and Texas sent the letter to HHS on Aug. 14. In it, they pointed out that HHS’s rules governing programs assisting consumers with enrolling in the new health care exchanges have woefully inadequate privacy protections. The exchanges were created as part of the Affordable Care Act.
The letter requested a response from HHS by Aug. 28.
“We are very concerned about the risk of identity theft if holes in the policy aren’t addressed immediately or if the implementation of health care exchanges isn’t delayed to allow for better regulations, more training for consumer outreach programs and better fraud prevention,” Morrisey said. “We had sincerely hoped for a response from the Department to at least let us know that they were working to address our concerns.”
The ACA provides funding for groups, such as “navigators,” to help consumers enroll in health insurance plans. As part of that process, these navigators and other assistance personnel will have significant access to consumers’ private and personal data. The attorneys general letter states that the Department’s rules fail to ensure that navigators will be adequately trained to safeguard data provided by consumers. Nor do the rules make clear who is responsible if an identity theft occurs.
Even more concerning for the attorneys general is that HHS currently does not require criminal background checks or fingerprint checks of potential navigator employees. Moreover, HHS has not indicated whether navigators will carry a form of identification to allay consumers’ concerns about identity theft.
“One area of comfort for me is that local groups that have been selected to help consumers enroll in health insurance plans announced that they will be doing background checks on their employees. But much more information is needed from the federal government so that states know how best to ‘gap-fill’ with supplemental actions that protect our consumers and prevent identity theft,” Morrisey said. “The clock is ticking; failing to release such basic information less than one month before open enrollment begins is grossly irresponsible.”