News

Americans deserve to have their sensitive health information protected. Energy and Commerce Republicans have been actively working since the February 21st cyberattack on Change Healthcare to understand how it happened, how it can be prevented in the future, and how to help Americans continue to access care.  THE PROBLEM Change Healthcare is one of the largest health payment processing companies in the world. It acts as a clearing house for 15 billion medical claims each year—accounting for nearly 40 percent of all claims. The cyberattack that occurred in February knocked Change Healthcare—a subsidiary of the behemoth global health company UnitedHealth—offline, which created a backlog of unpaid claims. This has left doctors’ offices and hospitals with serious cashflow problems—threatening patients’ access to care. It has since come to light that millions of Americans may have had their sensitive health information leaked onto the dark web, despite UnitedHealth paying a ransom to the cyber attackers. E&C ACTION From the outset, Members on Energy and Commerce have been working with the administration and Change Healthcare to help providers—particularly smaller and rural practices—maneuver through the new, complicated process of getting reimbursed, so they could keep their doors open and focus on caring for patients. Energy and Commerce Republicans were briefed by the Administration for Strategic Preparedness and Response, the Centers for Medicare and Medicaid Services, and Change Healthcare in the weeks following the attack. Following the briefings, bipartisan Energy and Commerce leaders wrote to UnitedHealth seeking answers about the attack. The Subcommittee on Health convened a hearing on May 17th to explore cybersecurity vulnerabilities in the health care sector and discuss possible solutions to address them. This week, the Oversight and Investigations Subcommittee called UnitedHealth CEO Sir Andrew Witty to explain to the American people what happened in the lead up to and during the attack, how the company is responding, and how it plans to prevent such an attack from happening again. WHAT WE LEARNED 1. The attack occurred because UnitedHealth wasn’t using multifactor authentication [MFA], which is an industry standard practice, to secure one of their most critical systems.  Mr. Witty:   We're continuing to investigate as to exactly why MFA was not on that particular service. It clearly was not. I can tell you I'm as frustrated as you are about having discovered that and as we've gone back and figured out how this situation occurred.    Change Healthcare came into the organization toward the end of 2022 after the timing of the declarations you just described.    Change Healthcare was a relatively older company with older technologies, which we had been working to upgrade since the acquisition. For some reason, which we continue to investigate, this particular server did not have MFA on it.   2. It’s estimated that a third of Americans had their sensitive health information leaked to the dark web as a result of the attack.  Oversight Subcommittee Chair Morgan Griffith: "Substantial proportion of the American population." What does that mean? How much are we talking? 20 percent? We talking 50 percent? We're talking 70? Tell us.   Mt. Witty:   Chairman, we continue to investigate the amount of data involved here. We do think it's going to be substantial. Because we haven't completed the process, I'm hesitant to be overly precise on that and and be wrong in the future. I wouldn't like to mislead anybody in that regard.   Chair Griffith:   Well, and I wouldn't want you to mislead us either. But when you say "substantially," at least give me some kind of a range. You can be on the bottom to high. I don't mind giving you a range. Are we talking 20 to 50?   Mr. Witty:   I think maybe a third or somewhere of that level.   3. This might not be the end of the leaks. Despite UnitedHealth paying a ransom to the criminals, it cannot guarantee that more of Americans’ sensitive information will not be leaked.  Chair Cathy McMorris Rodgers:   How were the hackers communicating with UnitedHealth to get the ransom? Did you communicate ever directly with the hackers?   Mt. Witty:   I did not. No. Chair Rodgers:   How much did you pay in ransom? And how was it paid it? In dollars? Bitcoin or other cryptocurrency?   Mr. Witty:   $22 million in Bitcoin.  Chair Rodgers:   What was the date that you paid the ransom?   Mr. Witty:   I'm sorry. I don't have that to mind. But I can certainly get back to you with that.   Chair Rodgers:   Can you affirmatively say that the hackers you paid did not make copies of protected or personal data and then, at a later date, uphold it onto the internet or the dark web.   Mr. Witty:   I cannot affirmatively say that. No. 4. UnitedHealth has resources to help individuals and providers.  Dr. Burgess:   Is there a generally available website or telephone number that a practice can call right now, if they're continuing to have a problem?  Mr. Witty: Yes. And thank you very much for the question. So [ https://support.changehealthcare.com/ ] is the best website for anybody to access, whether it being a provider or an individual.    But, also I would very much like to note the 1-800 number that's available for individuals to call if they have any questions at all about data or anything like that.    So, it's 1 (866) 262-5342. That service line is available and makes available very quickly is a very simple process. If anybody wants things like credit protection, identity theft protection, those services are all available to be enrolled on just through a simple phone call.   CLICK HERE to watch the full hearing. Check out some of the news coverage from the hearing: UnitedHealth’s handling of the situation will probably be “a case study in crisis mismanagement for decades to come,” said Rep. Cathy McMorris Rodgers (R-Wash.), chair of the House Energy and Commerce Committee.  Witty fielded heated questions from Senators on the House Energy and Commerce Committee about the company's failure to prevent the breach and contain its fallout.  Pressed for details on the data compromised, Witty said "maybe a third" of Americans' protected health information and personally identifiable information was stolen.  Members of the House Energy and Commerce Committee asked Witty why the nation's largest health care insurer did not have the basic cybersecurity safeguard in place before the attack. "Change Healthcare was a relatively older company with older technologies, which we had been working to upgrade since the acquisition," Witty said. "But for some reason, which we continue to investigate, this particular server did not have MFA on it."  Rep. Gary Palmer (R., Ala.), in an afternoon hearing held by the House Energy and Commerce Committee’s subcommittee on Oversight and Investigations, pressed Witty on how many government employees with security clearance were included in the breach. That kind of theft would be a national-security risk, he said.  Still, Rep. Earl L. “Buddy” Carter, R-Ga., railed against the company’s use of vertical integration, in which it has acquired physician practices, pharmacy benefit managers and other players in the health care system. “Let me assure you that I’m going to continue to work to bust this up,” Carter said.“This vertical integration that exists in health care in general has got to end.”  Several members also took the opportunity to chide United Healthcare’s use of prior authorization, which Witty said resumed for its Medicare Advantage plans April 15.   The company should “carefully review how that prior authorization” has affected patient outcomes, said Rep. John Joyce, R-Pa. 

Washington D.C. — House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Communications and Technology Subcommittee Chair Bob Latta (R-OH) announced a hearing titled “Perspectives from the Fields: The State of Rural Broadband in America.”  “Fast, reliable internet has become a vital part of people’s every day lives. From education and accessing health care to cutting edge agriculture technology that is helping feed the world, more and more of these activities are utilizing the internet, making connectivity foundational to success. It continues to be our mission to ensure that every community across the country can access broadband, especially in rural areas,” said Chairs Rodgers and Latta. “We are looking forward to hearing from community leaders in Bakersfield, California, about how we can secure meaningful connectivity for every American and close the digital divide.” Communications and Technology Subcommittee hearing titled “Perspectives from the Fields: The State of Rural Broadband in America.”   WHAT: A subcommittee hearing to discuss rural broadband in America. DATE: Friday, May 10, 2024 TIME: 10:00 AM PT (1:00 PM ET) LOCATION: 1001 Truxtun Avenue, Bakersfield, CA 93301 This notice is at the direction of the Chair. The hearing will be open to the public and press and will be live streamed online at https://energycommerce.house.gov/ . If you have any questions concerning the hearing, please contact Noah Jackson at Noah.Jackson@mail.house.gov . If you have any press-related questions, please contact Sean Kelly at Sean.Kelly@mail.house.gov . 

It’s National Small Business Week! Small businesses are the engine of our economy—leading the way in American innovation and ingenuity. In fact, small businesses are responsible for 70 percent of American jobs. To win the future and lead the global economy, we must advance policies to help America’s small businesses be successful. One way to do this is with a national data privacy and security standard, like the bipartisan American Privacy Rights Act .  Right now, growing small businesses and startups are forced to navigate a patchwork of state data privacy laws. 16 states have privacy laws that regulate the commercial collection and use of people’s data.  Ensuring compliance with multiple state laws can be costly and time consuming — forcing companies to divert valuable resources that could be used to improve or grow their business. It’s estimated that, without a national data privacy standard, U.S. small businesses could pay upwards of $20-23 billion annually trying to comply with a patchwork of state laws. Startups and small businesses simply cannot afford to comply with 50 different versions of rules. That’s why we’re leading on the American Privacy Rights Act to create a clear and consistent data privacy standard across all 50 states. Our bipartisan draft legislation strikes the right balance by giving Americans more control over where their personal information goes and who can sell it, while making sure small businesses and entrepreneurs are able to continue thriving and innovating in the U.S. 137 of the world’s 194 countries have national privacy laws. The United States does not. If we wait any longer, the larger the patchwork of state laws will grow and hurt American businesses, deter companies from operating and innovating in America, and undermine our ability to influence global standards to benefit the U.S. The American Privacy Rights Act ensures businesses have one clear set of rules to operate under— so a business will have the same standards in California as it does in Washington or Virginia. To further support small businesses and entrepreneurs, the American Privacy Rights Act exempts those that do not sell their customer’s data for profit, those with an annual revenue of $40 million or less, and those that do not collect, process, retain, or transfer the data of 200,000 customers or fewer from the requirements of the bill. The American Privacy Rights Act is focused on the business of data, not Main Street business. It’s past time for the United States to have one uniform, comprehensive data privacy standard that empowers small businesses to grow and thrive. Congress has been searching for a solution on this issue for decades, and now we have it with the American Privacy Rights Act .

Washington D.C. — House Energy and Commerce Oversight and Investigations Subcommittee Chair Morgan Griffith (R-VA) delivered the following opening remarks at today’s subcommittee hearing titled “Examining the Change Healthcare Cyberattack.”  LASTING EFFECTS OF THE CYBERATTACK   “Today’s hearing is about what likely is the most consequential cyberattack in health care history.  “How could something like this happen? How did consolidation in the health insurance industry reach such a state that a single ransomware attack on one company can cripple the flow of claims and payments for months? “Change Healthcare, a UnitedHealth subsidiary acquired in 2022, was subject to the cybersecurity attack. It operates the largest Electronic Data Interchange clearinghouse in the nation. “Roughly 50 percent of U.S. medical claims pass through or touch Change’s clearinghouse, making it an essential link between providers and insurers.  “A single company having this much of the medical claims processing market share makes them a large target for bad actors.   “It is even more astounding when you consider that the attack itself reportedly occurred using 'compromised credentials', without multifactor authentication. This authentication is a pretty standard defense to prevent cyberattacks.  “I am concerned about the patients who have been affected.   “Many patients were left having to pay large amounts of money out of pocket for their medications because the pharmacy couldn’t process their claims or their copay coupons. “The Marion Family Pharmacy in Marion, Virginia, in my district, said the biggest effect has been patients not being able to afford their medication without copay assistance cards. “The owner of the pharmacy even said, and I quote, 'We’ve got people walking away from diabetes medicines, antipsychotics, and ADHD medications.'  “One specific example was a patient having to pay $1,100 for medication since the pharmacy was not able to process her copay assistance card due to the cyberattack.   “United is contractually obligated to pay for these medications, yet patients are still paying premiums and forced to either walk away, pay large sums of money for their medications and even have to borrow money from friends, family, or interest-bearing cash advances on their credit cards.”  PROVIDERS STRUGGLING TO STAY AFLOAT   “Providers were also deeply affected by this cyberattack.    “In the initial phase, providers were left in the dark as to why United stopped processing claims.  “There was deep uncertainty about how to get their claims to flow uninterrupted, the loan program was minimal and restrictive, while bringing on many unrecognized expenses such as switching clearinghouses and managing prior authorization.   “It's particularly troublesome because doctors are worried about keeping their practices open, United, by shutting down its clearinghouse and effectively stopping all payments on claims, making it more difficult to continue providing services.   “One suburban Philadelphia physician who runs a $6 million-a-year practice was offered only $3,300 by UnitedHealth’s emergency loan program. She might have to sell her practice.  “How many millions of dollars of interest alone has United made from holding on to money that it would otherwise have had to pay to providers and for patients?  “How many millions of surgeries, treatments, and prescriptions were delayed, or worse, cancelled?”  UNDERSTANDING THE FULL IMPACT   “I understand the substantial task United is facing while dealing with the fallout from the cyberattack, but I look for an explanation on how they did not have a backup plan. “If they did have one, it obviously failed—resulting in the federal government having to step in.  “Additionally, we do not know how many patients had their health information breached.  “Last week, United conceded that the personal healthcare information and data of a 'substantial proportion' of Americans has been stolen.   “At this hearing, I hope we can get an understanding of just how many Americans fall within United’s definition of 'substantial proportion.’  “Even though United paid the ransom, we now have reports that cyber criminals are releasing patient information, billing records, and other personal health data held by UnitedHealth Group onto the dark web anyway.  “I am hopeful this hearing will shed light on these issues so we can understand the full picture.   “I can assure you that this subcommittee will be watching closely. I am always willing to hold follow-up hearings if needed.” 

Washington D.C. — House Energy and Commerce Energy, Climate, and Grid Security Subcommittee Chair Jeff Duncan (R-SC) delivered the following opening remarks at today’s Energy, Climate, and Grid Security Subcommittee hearing titled “The Fiscal Year 2025 Department of Energy Budget.”  “The Department of Energy has immense national security responsibilities to protect America’s energy security and to oversee the nation’s nuclear weapons program.    “DOE also conducts and oversees taxpayer-funded research and development and provides loans and grants to help commercialize energy-related technologies.     “These hearings are essential to ensure that the Department is sticking to its core mission and acts as responsible stewards of taxpayer resources.   “Members will also have an opportunity to examine DOE’s expanding budget request.  “This year, DOE is requesting $51.4 billion dollars. Since FY 2021, DOE’s budget has increased by about $12 billion dollars, about 30 percent.”  PRESIDENT BIDEN’S WAR ON AMERICAN ENERGY   “After three years of President Biden’s war on American energy, the American people are suffering.  “The administration’s blind obsession to 'transition’ everyone away from fossil fuels is straining household budgets and putting the American dream further out of reach for many struggling families.      “Inflation is out of control. Sky-high energy prices and persistent supply-chain shortages are impacting our economy and our safety.  “From groceries to electric bills—everything costs more under President Biden’s energy policies.”  “Americans expect that when we flip the switch or turn the key—that the power comes on immediately.  “In America, if you want to build a home or expand a business—we expect that the infrastructure can be built quickly and predictably.  “Regrettably, under President Biden, supply chain shortages and price spikes have crippled our economic growth and made it more difficult to build new infrastructure.”  ROLE OF THE DEPARTMENT OF ENERGY    “The Department of Energy has played a role in the energy price spikes and persistent supply chain shortages.   “DOE has mismanaged our Strategic Petroleum Reserves—draining the stockpile to the lowest level in the nation’s history, with no credible plan to replenish it and no plan to increase domestic energy production.    “DOE has turned a blind eye to punitive EPA regulations that have forced the premature retirement of our most affordable and reliable coal, gas, and nuclear power plants and threatened the reliability and stability of our electric grid.   “DOE has pursued a radical climate agenda to impose new Federal regulations for household appliances, electrical equipment, building construction, and natural gas usage.   “DOE also recently imposed a ban on the issuance of new LNG export permits—a political reward for the 'keep-it-in-the-ground' climate activists in an election year.   “As the Committee learned during a field hearing in Port Arthur, Texas, the LNG export ban has created hardships and pain for thousands of workers and their families along the Gulf Coast.”  CONGRESSIONAL ACTION TO REIN IN THE DOE   The Democrat’s radical transition plans, and the Department of Energy’s refusal to accept and address the threats facing our energy systems, has required Congress to act.  “Under the Republican majority, the House has passed bipartisan legislation to rein in the Department of Energy and the Biden administration.  “At the beginning of this Congress, we passed H.R. 1 to unleash American energy and modernize our energy infrastructure. In the months that followed, we passed bills to reverse punitive regulations and policy decisions that the Secretary of Energy signed off on.  “We passed legislation to reverse the ban on gas stoves, to prevent DOE from draining our strategic petroleum stockpile and selling it to China, and to reverse DOE’s moratorium on new LNG export permits.”        “Today’s hearing will allow the Secretary of Energy to answer for the Biden administration’s war on American energy.   “We stand at a pivotal time in our nation’s history, and the decisions that are made today will impact our kids and grandkids for generations.      “We have a simple choice: We can embrace America’s energy abundance and cement our position as the world’s number one energy superpower, or we can follow the Biden administration’s plan to rely on China for batteries, electric cars, and solar panels made with slave labor and environmental abuses.  “As it has been said in this Committee before, I believe we need an American energy expansion, not an energy transition to China.  “A critical part of this energy expansion is nuclear energy. I am pleased with this administration’s dedication to expanding nuclear energy and I look forward to continuing to work with both my colleagues here in Congress and the Biden administration on advancing this goal.” 

Washington D.C. — House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) delivered the following opening remarks at today’s Energy, Climate, and Grid Security Subcommittee hearing titled “The Fiscal Year 2025 Department of Energy Budget.”  “This committee plays a critical role in ensuring U.S. energy security and leadership.  “For decades, America has led the way. “We’ve harnessed the power of nuclear energy, electrified millions of rural American’s homes with clean hydropower, and ushered in the Shale Revolution, creating millions of new jobs and powering economic prosperity.  “America was able to achieve this through free market principles, entrepreneurship, and giving people the opportunity to choose which energy sources best suit their needs.  “Energy and Commerce Republicans have been working to protect and expand this legacy for generations to come.”  FORCING A RADICAL AGENDA   “The Biden administration, on the other hand, is working to dismantle that legacy.  “This administration’s policies continue to put America on a dangerous path that harms our security and gives our adversaries, like China, control over our energy supply chains.  “This administration has consistently sought to prevent or slow development of American oil and gas resources, which are critical to our own energy security as well as the security of our allies.  “DOE has been complicit in this with actions like the effective ban on new LNG exports.  “American LNG has been a lifeline, especially to our European allies, since Russia invaded Ukraine.  “In the aftermath of the invasion, American LNG helped them reduce their natural gas prices by over 83 percent and reduce their dependence on Russia.  “This ban sends a signal to our allies that we’re no longer a dependable energy partner.  “We find this unacceptable.  “Another example is the recent decision to limit energy development in more than half the National Petroleum Reserve in Alaska.  “Doubling down on policies to restrict oil and gas, to retire baseload power generation, and to promote widespread, unaffordable and unreliable electrification is not how we secure our energy future.”  UNAFFORDABLE FOR AMERICANS   “Unfortunately, Americans are feeling the impacts of this radical rush-to-green agenda.  “Since President Biden took office, electricity prices have risen some 30 percent.  “That's almost 50 percent more than overall inflation.  “Unilateral actions like those taken by the administration continue to drive out affordable, reliable baseload generation needed to keep prices low and keep the lights on.  “Grid operators and others have been sounding the alarm for years, warning that the U.S. is on a dangerous and unsustainable path.  “Continuing down this path will mean higher energy prices and more catastrophic blackouts across the country, like what’s already happening in places like California.”  DOE COMPLICIT IN ECONOMIC HARM   “As the head of DOE, it is the Secretary’s responsibility to ensure American energy security and leadership. “Yet this department continues to stand by and watch as EPA imposes requirements that harm our ability to generate reliable power. “Is the Department ceding its energy and grid expertise to the EPA? “EPA policies like their new particulate matter standards will make permitting new manufacturing and industry almost impossible in large regions of the country. “I’d like to understand why DOE thinks we can succeed under these anti-manufacturing, and really anti-American policies which are undermining the very manufacturing programs DOE supports to help restore American leadership in critical energy materials and to reduce reliance on China. “Instead of undermining American energy and economic success, let’s work together to build on our remarkable legacy, which has transformed the human condition, lifted people out of poverty, and raised the standard of living more than any other country in the world. “The best way to do this is with a strong energy mix that takes advantage of the resources we have here at home, lowers costs for Americans, and prevents us from becoming reliant on China. “This administration’s forced transition will leave our economy dangerously dependent on supply chains controlled by China and make energy less affordable and less reliable for Americans. “I believe the Department of Energy serves a critical role in assuring sound energy polices, while also providing the support necessary for innovation to flourish. “That’s the goal today. “I look forward to the Department of Energy stepping up so that we can accomplish that goal.” 

At the direction of Speaker Mike Johnson (R-LA), Energy and Commerce Republicans are launching an investigation of allegations of rampant bias at NPR, which is funded by U.S. taxpayers. Check out this exclusive coverage in Fox News:  FIRST ON FOX : The House Energy & Commerce Committee is summoning the head of NPR before Congress to answer accusations the outlet has a left-wing bias despite receiving federal funds. Speaker Mike Johnson, R-La., directed House Republican leaders to open the probe, he told Fox News Digital. "The Committee has concerns about the direction in which NPR may be headed under past and present leadership. As a taxpayer funded, public radio organization, NPR should focus on fair and objective news reporting that both considers and reflects the views of the larger U.S. population and not just a niche audience," Committee Chairwoman Cathy McMorris Rodgers, R-Wash., wrote to NPR CEO Katherine Maher. She led Morgan Griffith, R-Va., chair of the subcommittee on oversight, and Bob Latta, R-Ohio, chair of the subcommittee on communications and technology, in asking Maher to publicly testify before Griffith’s panel next week.  [...]  Johnson told Fox News Digital of the probe, "In light of the recent, disturbing revelations about National Public Radio (NPR) and its leadership, I’ve directed Chair McMorris Rodgers and the Energy and Commerce Committee to conduct an investigation of NPR and determine what actions should be taken to hold the organization accountable for its ideological bias and contempt for facts. The American people support the free press but will not be made to fund a left-leaning political agenda with taxpayer funds."  Conservatives have long accused NPR of reporting with a left-wing bias while some of its funding is provided through federal grants and other government-backed dollars.  Those concerns were recently magnified when former NPR editor Uri Berliner asserted in an op-ed that the outlet mishandled critical stories that stemmed from Hunter Biden’s laptop hard drive and COVID-19 lab leak theories, among others, and that registered Democrats were vastly overrepresented in the newsroom, 87-0. "We also find it disconcerting that NPR’s coverage of major news in recent years has been so polarized as to preclude any need to uncover the truth. These have included news stories on matters of national security and importance, such as the Mueller report, the Hunter Biden laptop, and the COVID-19 origins investigation. On each of these issues, NPR has been accused of approaching its news reporting with an extreme left-leaning lens," the lawmakers wrote. They also took issue with Maher’s own past statements, including a 2021 TED Talk in which she said, according to the letter, "Our reverence for the truth might be a distraction that’s getting in the way of finding common ground and getting things done." "You yourself have stated that you view the First Amendment as ‘the number one challenge’ because speech protections make it ‘tricky’ to suppress ‘bad information’ and the ‘influence peddlers who have made a real market economy around it.’’ Ironically, both you and NPR have used the same First Amendment to protect your own views and statements," they wrote. CLICK HERE to read the full story on Foxnews.com. CLICK HERE to read the letter to Ms. Maher.

Washington, D.C. — House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA), Subcommittee on Communications and Technology Chair Bob Latta (R-OH), and Subcommittee on Oversight and Investigations Chair Morgan Griffith (R-VA) wrote to NPR CEO Katherine Maher regarding reports of political and ideological bias at the taxpayer-funded public radio organization. In addition to requesting answers to questions, the letter requests Ms. Maher appear before the Oversight and Investigations Subcommittee for a hearing on May 8, 2024. "The Committee has concerns about the direction in which NPR may be headed under past and present leadership. As a taxpayer funded, public radio organization, NPR should focus on fair and objective news reporting that both considers and reflects the views of the larger U.S. population and not just a niche audience," the Chairs wrote.   They continued , "We also find it disconcerting that NPR’s coverage of major news in recent years has been so polarized as to preclude any need to uncover the truth. These have included news stories on matters of national security and importance, such as the Mueller report, the Hunter Biden laptop, and the COVID-19 origins investigation. On each of these issues, NPR has been accused of approaching its news reporting with an extreme left-leaning lens." “In light of the recent, disturbing revelations about National Public Radio (NPR) and its leadership, I’ve directed Chair McMorris Rodgers and the Energy and Commerce Committee to conduct an investigation of NPR and determine what actions should be taken to hold the organization accountable for its ideological bias and contempt for facts. The American people support the free press but will not be made to fund a left-leaning political agenda with taxpayer funds.” said Speaker Mike Johnson (R-LA) regarding the effort. CLICK HERE to read the letter.

House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) joined CNBC’s Squawk Box to talk about today’s Oversight and Investigations Subcommittee hearing on the Change Healthcare cyberattack. Highlights and excerpts from the interview below:  On What to Expect at This Afternoon’s Hearing:   “This is an important Oversight Subcommittee hearing for the Energy and Commerce Committee. We expect to get a comprehensive report from Mr. Witty from UnitedHealth as to what happened, why Americans have had their personal health information made available on the dark web, what they're doing to fix this problem, and then also what we and what UnitedHealth must do to ensure that this never happens again.  “UnitedHealth is very large, and millions of families and taxpayers pay billions of dollars to UnitedHealth in premiums, and we need to make sure that their personal health information is protected from these kinds of cyberattacks.”  On Attempts to Catch the Cyber Criminals:   “UnitedHealth decided to pay the ransom. We're going to ask questions as to why they decided to pay the ransom, in this case, because we know that when you pay the ransom, that only incentivizes more of the harmful behavior by those that are perpetrating these kinds of cyber attacks.   “We have been spending a lot of time and had numerous hearings around cybersecurity. Just two weeks ago, we had a hearing on cybersecurity as it relates to health care, on what steps we need to be taking to protect personal, sensitive health information that has been made available on the dark web, in this case, which is very harmful to millions of Americans.  “This is a very serious issue, and that's part of the purpose of the hearing today.”   On the Role of Congress Intervening to Protect Patients’ Data:   “This hearing is part of us getting answers. We need to better understand what happened, why it happened, and then we will look at what steps we need to be taking. Certainly cybersecurity, whether it's in healthcare or other sectors, is top of mind for Americans as we see more and more of our information online. “The Committee is working on protecting American privacy rights online. We've also worked on the Lower Costs, More Transparency Act to give Americans more ownership over their data, but also to understand what the prices are.   “In this case, United has become very large, and the individual, unfortunately doesn't always have a lot of power and control in this, so I believe it's very important that we get legislation that's going to help patients understand what the prices are. We have United as a very large health insurance company that maybe doesn't want to pay the prices, only the doctors that are providing the care and that can be problematic.”  [...]  “We have looked at the consolidation, and we passed legislation with overwhelming support— the Lower Costs, More Transparency Act —to address this consolidation to provide more competition in the marketplace, which ultimately brings down costs and gives consumers more choices.   “We're working with the Senate to get them to take action on this, because we're overall concerned about these larger and larger health care systems.”