[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3811 Introduced in House (IH)]

113th CONGRESS
  2d Session
                                H. R. 3811

   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
                        and Affordable Care Act.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                            January 7, 2014

Mr. Pitts (for himself, Mr. Aderholt, Mr. Barletta, Mr. Bilirakis, Mrs. 
Black, Mrs. Blackburn, Mr. Brooks of Alabama, Mr. Burgess, Mr. Calvert, 
  Mr. Campbell, Mrs. Capito, Mr. Carter, Mr. Cassidy, Mr. Chabot, Mr. 
Collins of Georgia, Mr. Cook, Mr. Cotton, Mr. Crawford, Mr. Culberson, 
 Mr. Rodney Davis of Illinois, Mr. Duncan of Tennessee, Mrs. Ellmers, 
Mr. Farenthold, Mr. Fitzpatrick, Mr. Flores, Mr. Gardner, Mr. Gerlach, 
   Mr. Gibson, Mr. Gingrey of Georgia, Mr. Griffin of Arkansas, Mr. 
 Griffith of Virginia, Mr. Hall, Mr. Harper, Mr. Huizenga of Michigan, 
    Mr. Johnson of Ohio, Mr. Jones, Mr. Kelly of Pennsylvania, Mr. 
Kinzinger of Illinois, Mr. Lance, Mr. Latta, Mr. Long, Mr. McCaul, Mr. 
 McKinley, Mrs. McMorris Rodgers, Mr. Meadows, Mr. Meehan, Mrs. Miller 
of Michigan, Mr. Neugebauer, Mr. Palazzo, Mr. Poe of Texas, Mr. Pompeo, 
 Mr. Radel, Mr. Reed, Mr. Ribble, Mr. Rigell, Mr. Rogers of Michigan, 
Mr. Rokita, Mr. Rothfus, Mr. Shuster, Mr. Smith of Texas, Mr. Stivers, 
 Mr. Terry, Mr. Thompson of Pennsylvania, Mr. Tiberi, Mrs. Wagner, Mr. 
 Walden, Mrs. Walorski, Mr. Webster of Florida, Mr. Westmoreland, Mr. 
 Whitfield, Mr. Wilson of South Carolina, Mr. Womack, and Mr. Woodall) 
 introduced the following bill; which was referred to the Committee on 
                          Energy and Commerce

_______________________________________________________________________

                                 A BILL


 
   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
                        and Affordable Care Act.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Health Exchange Security and 
Transparency Act of 2014''.

SEC. 2. NOTIFICATION OF INDIVIDUALS OF BREACHES OF PERSONALLY 
              IDENTIFIABLE INFORMATION THROUGH PPACA EXCHANGES.

    Not later than two business days after the discovery of a breach of 
security of any system maintained by an Exchange established under 
section 1311 or 1321 of the Patient Protection and Affordable Care Act 
(42 U.S.C. 18031, 18041) which is known to have resulted in personally 
identifiable information of an individual being stolen or unlawfully 
accessed, the Secretary of Health and Human Services shall provide 
notice of such breach to each such individual.
                                 <all>