Senator Bill Cassidy, chairman of the U.S. Senate Health, Education, Labor, and Pensions Committee, raised concerns on Mar. 31 about a recent data breach at the Minnesota Department of Human Services that exposed private information of hundreds of thousands of individuals.
The issue highlights ongoing challenges in protecting sensitive health information as cyberattacks become more frequent and sophisticated. The committee is responsible for overseeing federal laws and agencies related to health and labor policy across the United States, according to the official website.
Cassidy said that "cyber criminals continue to exploit vulnerabilities to gain access to this data, potentially using it to interrupt care and commit fraud." He added that government stewards must take strong steps to prevent such attacks. The senator criticized Minnesota Governor Tim Walz after the state's health department disclosed that over 300,000 people had their protected health information accessed by a third-party vendor without authorization. Of those affected, more than 1,200 had highly sensitive details like Social Security numbers and medical records compromised.
According to Cassidy's letter addressed to Commissioner Gandhi, "the recent announcement by the Minnesota Department of Human Services (DHS) raises questions about its commitment to data security." He noted that DHS became aware of the incident in November but only disclosed it publicly in January. The agency has not yet fully identified what information was accessed for each individual impacted or offered free credit monitoring services despite recommending individuals request their credit reports.
Cassidy previously called out Illinois Governor JB Pritzker for similar lapses in protecting residents' private information. Earlier this Congress, he led passage of the Health Care Cybersecurity and Resilience Act through his committee—a body which works on public health legislation with goals including protection of patient privacy and support for worker rights according to its official website.
The Senate Health, Education, Labor, and Pensions Committee also oversees agencies such as the Food and Drug Administration (FDA) and National Institutes of Health (NIH), playing a key role in shaping national policy in these areas according to its official website.
In his closing remarks within the letter released publicly by his office on Mar. 31., Cassidy requested detailed answers from Minnesota DHS about their response timeline; notification procedures; security practices; audit history; technical safeguards implemented since the breach; rationale for declining free credit monitoring; and any additional support offered to those affected.
