While Republicans continue to characterize HealthCare.gov as a brazen security hazard that could expose personal information to unnecessary risks, the Health and Human Services Department has its own concerns regarding a place of compromised security: the Oversight and Government Reform Committee.
On Thursday, HHS wrote a letter to the panel's chairman, Rep. Darrell Issa, R-Calif., regarding his committee's request for “unredacted copies of sensitive security testing documents prepared by the MITRE Corporation (MITRE), in connection with HealthCare.gov.”
The HHS assistant secretary for legislation, Jim R. Esquea, signaled that HHS was blocking MITRE from turning over the documents, which have been subpoenaed, over concerns that Issa would — as he has done in the past — leak the documents to the public, potentially giving hackers a road map to the "potential vulnerabilities in the cyber defenses."
“To be clear, this is not a question of whether [HHS] will share this information with the Committee — we have already done so and will continue to make the documents available for your review,” the letter said. “Rather, it is a question of whether the Committee will work with us to ensure the sensitive information contained in these documents is adequately protected.”
Oversight and Government Reform staff have been able to review the documents in a secure space, but they have not been given copies. While they’ve had “in camera” sessions with the documents at HHS, they haven’t been able to leave the building with their notes.
That has left Issa unsatisfied.
“It’s an unacceptable violation of law and a dangerous precedent for any administration to tell a private company not to respond to a lawful subpoena,” a spokesman for the Oversight and Government Reform Committee, Frederick Hill, told CQ Roll Call on Thursday.
“I would draw a parallel to the obstacles that this administration throws at our committee to the obstacles it throws at journalists that are trying to tell the American people what’s really happening in their government,” Hill said, referring to the recent controversy regarding the Obama administration’s restricted access for reporters.
But HHS points out that Issa has a history with releasing documents.
The ranking Democrat on Oversight and Government Reform, Rep. Elijah E. Cummings of Maryland, leaked parts of a transcript from an Issa interview with State Department officials in which Issa called State Department concerns about sensitive information regarding the Benghazi, Libya, attack “crap.”
On Thursday, the Oversight and Government Reform panel basically maintained that line.
Hill called that attack on Issa “kind of a misfire.” He said the names the administration claimed were compromised when Issa leaked documents related to Benghazi were “actually on State Department-associated websites.”
“That was said when the administration only wanted to selectively leak portions of information related to the Benghazi attack while hiding the security failures and flawed statements that had been made to the American people,” Hill said.
“I think there’s little doubt that Elijah Cummings would have preferred that none of the failures in the Benghazi attack were ever exposed,” Hill continued. “He would have preferred that it was just kept quiet.”
As for Esquea’s claim that the committee’s “unwillingness to commit to undertake measures to address the security risks associated with further disclosure is troubling, particularly in light of reports that sensitive materials were disclosed through various investigations,” Hill noted that the committee has already been informed by HHS that it possesses information that, if leaked, poses a security risk.
Given that, he said, their argument doesn’t make much sense.
The subpoena has a return date of noon Friday, which, judging by the letter, the administration has no intention of meeting. The letter calls that timeline "an impossibly narrow window for our staffs to engage in a productive dialogue."
Meanwhile, MITRE told Issa and the committee on Dec. 4 that the documents they seek are “under contract” to the Centers for Medicare and Medicaid Services.
Steven T. Dennis contributed to this report.