Washington, D.C. – Following news reports last week that as many as 50 data mining companies were provided direct access to monitor information entered on the HealthCare.gov website, Science, Space, and Technology Committee Chairman Lamar Smith (R-Texas) today sent several letters seeking an explanation. 

Access to HealthCare.gov was apparently provided with permission and even encouragement from the federal government to companies who profit from gathering and selling personal information.

“Every American who has visited the Obamacare website may have been monitored by numerous companies without their consent or knowledge,” Smith wrote. “This revelation raises serious questions about both personal privacy and cybersecurity on the HealthCare.gov website.”

The Associated Press reported that when a person applies for coverage through HealthCare.gov, approximately 50 data mining companies immediately become aware of the individual’s online presence.  Data mining companies can then search for sensitive personal information that applicants are required to enter.  This can include a social security number, annual salary, employment, place of residence, immigration status, military service, criminal history, financial information, age, whether one is pregnant, whether one smokes and more. 

Smith wrote that “Once a data mining company seizes this treasure trove of sensitive personal information, it is able to combine this data with other information collected by tapping into commercial websites and databases such as phone calls, texts, social media posts, frequently visited websites, and credit card purchases.  These detailed electronic records on millions of Americans could then be sold to other businesses, U.S. government agencies, foreign governments and even criminal enterprises that are willing to pay large sums of money for the information…”

“It is astonishing that the Obama administration has allowed scores of these companies to take up permanent residence on the HealthCare.gov website.”

The letters request information about how decisions were made, who was aware, and how the administration justifies these actions.  Separate letters were sent to the White House Office of Science and Technology Policy as well as the heads of the U.S. Department of Health and Human Services and the Centers for Medicare and Medicaid Services.

During the 113th Congress, the Committee held several hearings on the security of HealthCare.gov, including a November, 2013 hearing, Is My Data on HealthCare.gov Secure?; a January 2014 hearing, Healthcare.gov: Consequences of Stolen Identity; and a March 2014 hearing, Can Technology Protect Americans from International Cybercriminals?

Chairman Smith’s full letters can be found HERE.