[Congressional Bills 114th Congress]
[From the U.S. Government Publishing Office]
[H.R. 903 Introduced in House (IH)]

114th CONGRESS
  1st Session
                                H. R. 903

   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
            and Affordable Care Act, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           February 11, 2015

  Mr. Pitts introduced the following bill; which was referred to the 
                    Committee on Energy and Commerce

_______________________________________________________________________

                                 A BILL


 
   To require notification of individuals of breaches of personally 
identifiable information through Exchanges under the Patient Protection 
            and Affordable Care Act, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Health Exchange Security and 
Transparency Act of 2015''.

SEC. 2. NOTIFICATION OF INDIVIDUALS OF BREACHES OF PERSONALLY 
              IDENTIFIABLE INFORMATION THROUGH PPACA EXCHANGES.

    Not later than two business days after the discovery of a breach of 
security of any system maintained by an Exchange established under 
section 1311 or 1321 of the Patient Protection and Affordable Care Act 
(42 U.S.C. 18031, 18041) which is known to have resulted in personally 
identifiable information of an individual being stolen or unlawfully 
accessed, the Secretary of Health and Human Services shall provide 
notice of such breach to each such individual.
                                 <all>