[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[S. 1902 Introduced in Senate (IS)]

113th CONGRESS
  2d Session
                                S. 1902

   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
                        and Affordable Care Act.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                            January 9, 2014

 Mr. Barrasso (for himself, Mr. Johanns, Mr. Coburn, Mr. Cochran, Mr. 
 Isakson, Mr. Moran, Mr. Hatch, Mrs. Fischer, Mr. Scott, and Mr. Burr) 
introduced the following bill; which was read twice and referred to the 
          Committee on Health, Education, Labor, and Pensions

_______________________________________________________________________

                                 A BILL


 
   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
                        and Affordable Care Act.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Health Exchange Security and 
Transparency Act of 2014''.

SEC. 2. NOTIFICATION OF INDIVIDUALS OF BREACHES OF PERSONALLY 
              IDENTIFIABLE INFORMATION THROUGH PPACA EXCHANGES.

    Not later than two business days after the discovery of a breach of 
security of any system maintained by an Exchange established under 
section 1311 or 1321 of the Patient Protection and Affordable Care Act 
(42 U.S.C. 18031, 18041) which is known to have resulted in personally 
identifiable information of an individual being stolen or unlawfully 
accessed, the Secretary of Health and Human Services shall provide 
notice of such breach to each such individual.
                                 <all>