This legislation aims to significantly restrict access to systems maintained by the Department of Health and Human Services that contain individually identifiable health information. It prohibits individuals from using, controlling, or accessing these **specified systems** unless they meet stringent eligibility requirements. The bill seeks to enhance the security and privacy of sensitive health data by limiting who can interact with these critical government systems. The bill establishes two main pathways for authorized access. Individuals who were already eligible and continuously accessing such systems as HHS officers, employees, or contractors prior to January 20, 2025, are largely grandfathered in. For all other individuals, access requires holding an appropriate **security clearance**, having at least one year of continuous civil service, completing specific privacy and cybersecurity training, and signing a written ethics agreement, among other conditions. Any knowing violation of these access restrictions, whether by accessing the system or authorizing such access, is subject to **criminal penalties**, including imprisonment for up to five years or fines. Furthermore, the Department of Health and Human Services Inspector General is mandated to investigate and report to Congress within 30 days on every instance of unauthorized use or access. These reports must detail the incident, assess risks to privacy and national security, and describe any stopped payments.