Predictably, decorum broke down during Thursday morning's Congressional hearing on the Affordable Care Act's rocky website rollout, and just as predictably, everyone's grand takeaway seemed to be the "monkey court" line uttered by New Jersey Democratic Rep Frannk Pallone.
What preceded it was Texas GOP Rep Joe Barton's line of questioning, accusing contractors who designed the Healthcare.gov website of violating HIPAA privacy laws.
Barton was focused on a portion of source code in the insurance exchange website that read, "You have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system." Barton asked the witness from CGI Federal --one of the site's contractors-- "How in the world can this be HIPAA compliant when HIPAA is designed to protect the patient's privacy and this explicitly says in order to continue you have to accept this condition that you have no reasonable expectation of privacy?"
The witness, incidentally, had already testified that the site was HIPAA compliant.
Pallone jumped in as soon as Barton finished with his questioning to point out (without directly saying so) that a) Barton doesn't understand the HIPAA law, b) he doesn't understand the health care law, c) He's confusing the privacy afforded under HIPAA and the privacy that necessary for online communication, or d) all of the above.
The Health Insurance Portability and Accountability Act of 1996 sets strict rules about sharing personal health information, not information necessary for online communication. As Pallone stated, "No health information is required in the application process. And why is that? Because pre-existing conditions don't matter." And then it got testy:
Pallone: "So once again, here we have my Republican colleagues trying to scare everybody…"
Barton, interrupting: If the gentleman will yield?
Pallone: No, I will not yield to this monkey court or whatever--
Barton: This is not a monkey court!
And there was born your soundbite of the day.
But Pallone's point is valid: There is no personal health information submitted to the Healthcare.gov website.
As to the other privacy concern, the source code regarding the privacy necessary for online communication, a common legal stipulation allows online companies to process information submitted online. When you send your emails via gmail, you acknowledge that Google has a right to see who sent the message and where it's going. It would be hard to maintain that information privately and have your email get to its destination.
It can be a little embarrassing to watch a bunch of Congressmen without technical expertise haggle over comments in HTML source code and confuse that with HIPAA laws, but lawmakers are hardly IT experts. Then again, they don't have to be. What's more important is where you stand in the debate over Obamacare, so don't be surprised if the HIPAA privacy violation line of attack spreads.