Top experts today gave members of the House Oversight & Government Reform Committee their thoughts about how hackers might try to attack HealthCare.gov.
Members of the committee unanimously voted to close the session to the public, to avoid giving hackers a tutorial on HealthCare.gov vulnerabilities.
The witnesses were Kevin Charest, chief information security officer at the U.S. Department of Health and Human Services and Milton Shomo, a principal information systems engineer at MITRE Corp., a company that’s tested HealthCare.gov security.
The written versions of the witnesses’ testimony aren’t classified documents, but the committee gave members of Congress numbered copies and prohibited members from making their own copies or taking the documents out of the hearing room.
Rep. Darrell Issa, R-Calif., the committee chairman, said in an opening statement that his staff has been unable to get information about HealthCare.gov security from HHS. He said his staff has had to rely on documents obtained from vendors, through subpoenas.
The documents suggest HHS opened HealthCare.gov to the public before data security officials thought it was ready, Issa said.
Issa said his understanding is that, under the law, a high-level federal official can approve the launch of a website simply by agreeing to accept the risk that the site could have security problems, even if the site has failed security tests or has undergone no tests.
“There is no protection against a judgment call,” Issa said.
Rep. Elijah Cummings, D-Md., the highest-ranking Democrat on the committee, noted that the hearing was the 23rd the committee’s held on the Patient Protection and Affordable Care Act and PPACA implementation.
HHS data security officials have assured Congress that HealthCare.gov is secure and has not yet been the target of a successful attack, Cummings said.
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.