Senator Bill Cassidy, chairman of the U.S. Senate Health, Education, Labor, and Pensions Committee, raised concerns on Mar. 31 about a recent cyberbreach at the Minnesota Department of Human Services that exposed sensitive information of more than 300,000 individuals.
The issue highlights ongoing challenges in protecting Americans’ private health data as cyberattacks become more sophisticated. The committee plays a key role in legislating public health policy and overseeing federal agencies such as the Food and Drug Administration and National Institutes of Health, according to the official website.
Cassidy criticized Minnesota Governor Tim Walz following the state’s disclosure that a third-party vendor accessed protected health information without authorization. “Cyber criminals continue to exploit vulnerabilities to gain access to this data, potentially using it to interrupt care and commit fraud,” Cassidy wrote. He also said government stewards must take robust steps to deter these attacks.
The senator noted that some states have repeatedly failed to protect sensitive information from cybercriminals. He referenced an earlier incident involving Illinois Governor JB Pritzker’s administration where over one million Americans’ private data was compromised without timely notification. Cassidy has previously investigated other lapses involving OPEXUS and UnitedHealth Group.
In his letter addressed to Commissioner Gandhi of Minnesota DHS, Cassidy asked for details on immediate actions taken after discovering the breach on November 19, 2025; whether state or federal entities were notified; what security practices are in place; when audits were last conducted; what technical safeguards will be implemented; and why free credit monitoring was not offered despite recommendations for affected individuals to check their credit reports.
“As hostile actors use more sophisticated methods to obtain health information, government stewards of protected health information (PHI) must all take robust steps to deter these attacks,” Cassidy wrote again in his letter.
The Senate Health, Education, Labor, and Pensions Committee is responsible for shaping regulations affecting public health across the country according to its official website. In the current Congress, Cassidy serves as chair according to the same source, guiding oversight efforts on issues like cybersecurity incidents impacting healthcare providers.
The committee continues its work by providing oversight of federal laws related to both health and labor sectors as reported by its official website. Its focus remains on supporting worker rights while ensuring agencies maintain strong protections for sensitive data.
