Topics: Obamacare

Darrell Issa: HHS obstruction means healthcare.gov still vulnerable to hackers

By |
Beltway Confidential,Obamacare,Darrell Issa,Ashe Schow,Healthcare.gov,Computer hacking,Cybersecurity,Privacy

Personal information entered into healthcare.gov may still be at the mercy of hackers, according to House Oversight and Government Reform Committee Chairman Darrell Issa.

The California Republican, speaking with “Fox and Friends” host Brian Kilmeade, said the Department of Health and Human Services was obstructing justice by telling companies not to provide Issa's committee with information regarding website's vulnerabilities.

“And what’s amazing about it, Brian, is they’re saying, 73 days later, ‘Don’t provide information because it’s a roadmap to hackers,'” Issa said.

“Well, that means the vulnerabilities are still there today,” Issa continued. “Your personal information likely can be hacked on these websites today based on their refusal to let us see what was, in fact, pre-launch vulnerabilities.”

That allegation has serious implications for the thousands of Americans who have signed up for health insurance through healthcare.gov.

On Dec. 6, HHS sent a letter to Creative Computing Solutions Inc., the company contracted with providing security monitoring for the Centers for Medicare and Medicaid Services, telling the company not to provide information to Issa's committee.

Specifically, HHS warned CCSI that providing information to Issa’s committee could “imperil the security of personal and private consumer information on the healthcare.gov website.”

To further illustrate the danger, HHS told CCSI that information could provide “a roadmap to actors with malicious intent" — meaning hackers and scammers.

Issa responded to the letter by telling HHS “obstructing a Congressional investigation is a crime.”

In a statement released Wednesday, Issa cited federal obstruction laws and a federal statute that HHS broke by telling CCSI not to comply with Issa's committee.

“The federal obstruction laws reflect the fact that Congress’ right of access to information is constitutionally based and critical to the integrity and effectiveness of our oversight and investigative activities,” Issa said. “For that reason, it is widely understood that private citizens and companies cannot contract away their duty to comply with a congressional request for documents.

“Furthermore, the department’s instruction to CCSI and other contractors not to respond to congressional document requests runs afoul of a federal statute that prohibits interfering with an employees’ right to furnish information to Congress,” Issa continued. “Under that statute, any effort to enforce a contract that prevents a federal employee — or in this case, a contractor — from communicating with Congress is unlawful.”

If providing information regarding vulnerabilities that existed when healthcare.gov launched on Oct. 1 would aid hackers, then Issa is correct in assuming those vulnerabilities still exist today.

It’s a cautionary tale for those forced to purchase health insurance through the troubled website.

View article comments Leave a comment