House Democrats want OPM, OMB to halt plans to collect federal worker health data
House Democrats are calling on the Trump administration to halt plans to collect health data about federal workers from insurance companies, arguing the sensitive information could be used to target employees seeking care it disagrees with.
The letter to Office of Personnel Management Director Scott Kupor and White House Office of Management and Budget Director Russell Vought was dated Friday and focuses on a notice for comment about the collection published by OPM in December, per a copy shared with FedScoop.
That information collection request called for comments on OPM’s plans to collect service use and cost data from carriers that work with two health care programs that serve federal workers and their families: Federal Employees Health Benefits (FEHB) and Postal Service Health Benefits (PSHB). That would include “medical claims, pharmacy claims, encounter data, and provider data.”
While OPM said in that posting that the data would be used to oversee the plans and ensure their quality, the lawmakers argue the Trump administration is not requiring insurers to anonymize the data and expressed concerns that it could use the detailed health information against the more than 8 million Americans that receive benefits via those programs.
Specifically, the lawmakers said that information “could use this data to target federal employees who have accessed abortion care, contraceptives, in vitro fertilization (IVF), gender-affirming care, pre-exposure prophylaxis (PrEP) for the prevention of HIV, or any other health care services targeted by Republicans.”
Spokespeople for OPM and OMB didn’t immediately respond to a FedScoop request for comment on the letter.
The communication was led by Rep. Robert Garcia, D-Calif., ranking member of the Committee on Oversight and Government Reform, and nine other Democratic lawmakers. The other signatories include Reps. Raja Krishnamoorthi, Ill., ranking member of the Subcommittee on Health Care and Financial Services, as well as Steny Hoyer, Md., and Don Beyer, Va.
In addition to halting efforts to collect the data, the lawmakers also called for a briefing on the decision.
Despite the December posting stating that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) permits the carriers to disclose protected health information to health oversight agencies, the lawmakers said that impacted insurers have raised concerns about complying with the health privacy law. According to the letter, HIPAA allows health care entities to share personal information “only when the justification is ‘reasonable’ or ‘necessary,’ and requires that insurers provide only the minimum information necessary.”
They cited a comment from CVS that the request from OPM “raises substantial HIPAA compliance issues,” as well as a comment from the Association of Federal Health Organizations, that similarly stated the “collection raises significant HIPAA privacy and security rule compliance concerns.” Per the letter, 65 carriers provide coverage through the two programs.
Under President Donald Trump, the federal workforce has faced dramatic upheaval, including terminations, reductions-in-force, and incentivized resignation programs. Since the beginning of the Trump administration, the federal government is down 271,825 workers, according to figures from February — the most recent timeframe from OPM available at the time of publication.
Those policies have left the workforce feeling unduly villainized and “justifiably fearful” that information held by OPM could be weaponized against them, the lawmakers said.
The lawmakers also questioned the ability of OPM to safeguard such information, citing an infamous 2015 cyberattack against the federal workforce agency that exposed the information of roughly 22.1 million people. They further cited reports of an unknown server that was added to OPM’s networks and claims that Department of Government Efficiency (DOGE) workers sent files from OPM to third-party IP addresses outside the government.
“By collecting data currently held by 65 insurance carriers into one database, expanding OPM’s access to employee data to include detailed personal health information would significantly heighten the risk of misuse, unauthorized disclosure, or exploitation by bad actors,” the lawmakers wrote.
In addition to the House members, the data collection effort has also caught the attention of the American Federation of Government Employees (AFGE). On April 10, the union said it was “deeply alarmed” by the comment request from OPM. AFGE National President Everett Kelley similarly cited the concerns from CVS as well as legal experts, former OPM officials, and insurers.
“AFGE shares those concerns, and we go further. This proposal does not exist in isolation. It comes in the context of coordinated attacks on federal employees and repeated stretching of the legal boundaries for sharing sensitive personal data across government agencies,” Kelley said. “The question of what this administration intends to do with eight million Americans’ most private health information is not academic. It is urgent.”
Kelley, at the time, asked Congress to demand answers.
