Top experts today gave members of the House Oversight &Government Reform Committee their thoughts about how hackers mighttry to attack HealthCare.gov.

|

Members of the committee unanimously voted to close the sessionto the public, to avoid giving hackers a tutorial on HealthCare.govvulnerabilities.

|

The witnesses were Kevin Charest, chief information securityofficer at the U.S. Department of Health and Human Services andMilton Shomo, a principal information systems engineer at MITRECorp., a company that’s tested HealthCare.gov security.

|

The written versions of the witnesses’ testimony aren’tclassified documents, but the committee gave members of Congressnumbered copies and prohibited members from making their own copiesor taking the documents out of the hearing room.

|

Rep. Darrell Issa, R-Calif., the committee chairman, said in anopening statement that his staff has been unable to get informationabout HealthCare.gov security from HHS. He said his staff has hadto rely on documents obtained from vendors, through subpoenas.

|

The documents suggest HHS opened HealthCare.gov to the publicbefore data security officials thought it was ready, Issa said.

|

Issa said his understanding is that, under the law, a high-levelfederal official can approve the launch of a website simply byagreeing to accept the risk that the site could have securityproblems, even if the site has failed security tests or hasundergone no tests.

|

“There is no protection against a judgment call,” Issa said.

|

Rep. Elijah Cummings, D-Md., the highest-ranking Democrat on thecommittee, noted that the hearing was the 23rd the committee’s heldon the Patient Protection and Affordable Care Act and PPACAimplementation.

|

HHS data security officials have assured Congress thatHealthCare.gov is secure and has not yet been the target of asuccessful attack, Cummings said.

|

See also:

Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.

  • Critical BenefitsPRO information including cutting edge post-reform success strategies, access to educational webcasts and videos, resources from industry leaders, and informative Newsletters.
  • Exclusive discounts on ALM, BenefitsPRO magazine and BenefitsPRO.com events
  • Access to other award-winning ALM websites including ThinkAdvisor.com and Law.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Allison Bell

Allison Bell, ThinkAdvisor's insurance editor, previously was LifeHealthPro's health insurance editor. She has a bachelor's degree in economics from Washington University in St. Louis and a master's degree in journalism from the Medill School of Journalism at Northwestern University. She can be reached at [email protected] or on Twitter at @Think_Allison.