Rep. Joe Barton (R-Texas), a member of the House Energy and Commerce Committee, on Thursday grilled Cheryl Campbell, senior vice president of CGI Federal Inc., the company that built the Obamacare health-insurance exchange website, on language hidden in source code on the site that says applicants have “no reasonable expectation of privacy.”
Barton showed Campbell an image of the website coding that included this warning, and she confirmed that she knew it was there.
However, she insisted that in developing the site the way it did, her company was simply following “a set of rules and regulations” set out under their contract by the Centers for Medicare and Medicaid Services.
“This is the part of the signup that is hidden,” said Barton. “The applicant does not see this, but it is in the source code, and what that blue highlighted area that’s been circled in red says is: ‘You have no reasonable expectation of privacy regarding any communication or data transmitting or stored on this information system.”
The HIPAA Privacy Rule “establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.”
“HIPAA is designed to protect the patient’s privacy, and this explicitly says in order to continue, you have to accept this condition that you have no privacy, or no reasonable expectation of privacy,” he said.
At the hearing on Obamacare implementation failures, Campbell admitted that she was aware of the language in the source code. However, she told the committee earlier that her company was HIPAA compliant.
When Barton pressed her on whether the source code was HIPAA compliant, Campbell said it was a decision for CMS (Centers for Medicare & Medicaid Services) to make.
“You just told Mrs. Blackburn that it was HIPAA complaint. You know that’s not HIPAA compliant. You admit that you knew it was in there. It may be their decision to hide it, but you’re the company–not you personally–but your company is the company that put this together,” Barton said.
“We’re telling every American, including all my friends on the Democrat side–and they’re huge privacy advocates–Diane DeGette, is co-chairman of the Privacy Caucus with me, but you’re telling every American if you sign up for this or even attempt to, you have no reasonable expectation of privacy. That is a direct contradiction to HIPAA, and you know it. Yes or no?” Barton asked Campbell.
“Once again, CMS has us comply to a set of rules and regulations that they’ve established under our contract, and that is a CMS call. That is not a contractor call,” Campbell said.
“You’re now saying that CMS made a decision to break the law. Do you agree with that decision?” Barton asked her.
Campbell replied that she could not speculate.
Barton asked who Campbell reported to and who made policy level decisions that her company interfaced with.
“There are many decisions made under this program over this last two and a half years,” Campbell said.
“Is this another example where things just go into a cloud? All you are is contractor that spent $300 or 400 million? It goes to some amorphous cloud and then it comes back from down on high? Who wrote that?” Barton asked.
“I am not clear as to who wrote that,” Campbell replied. When Barton pressed her on whether it should be a requirement to sign up for Obamacare to “give up any reasonable expectation of privacy,” she said it was not her “jurisdiction.”
“Well, I’ll answer. I don’t think it should be,” Barton said.
After Barton spoke, Rep. Frank Pallone (D-N.J.) accused Republicans on the committee of holding a “monkey court” and trying to scare Americans from signing up for Obamacare.
“So once again, here we have my Republican colleagues trying to scare everybody,” Pallone said.
“There are no pre-existing conditions. The pre-existing conditions don’t matter. HIPAA doesn’t apply. There’s no health information in the process. You’re asked about your address, your date of birth,” he said.
“You’re not asked health information, so why are we going down this path? Because you are trying to scare people so they don’t apply and so therefore the legislation gets delayed or the Affordable Care Act gets defunded or it’s repealed. That’s all it is, hoping people won’t apply,” Pallone added.