Two healthcare.gov contractors are defying requests from the Obama administration asking them not to cooperate with congressional investigators.
House Oversight and Government Reform Committee Chairman Darrell Issa (R-Calif.) arrives on Capitol Hill in Washington, Wednesday, Dec. 4, 2013, for the committee' hearing on the implementation of the Affordable Care Act’s healthcare.gov website. (AP/J. Scott Applewhite)
“Americans should be disturbed that this administration is trying to stop government contractors from providing Congress with documents related to the decision to launch healthcare.gov while known and serious security vulnerabilities were and still may be present,” House Oversight and Government Reform Committee Chairman Darrell Issa (R-Calif.) said in a statement Friday.
“The committee has told [the Department of Health and Human Services] that it will make needed consultations with security experts to ensure the protection of sensitive information,” Issa said. “The administration’s remaining objections are a specious effort to hide serious problems and reckless decision-making by officials.”
The committee has been seeking information on whether healthcare.gov adequately protects the private information of health care consumers signing up for the site. The oversight committee is seeking information from two security contractors, MITRE Corp., and Creative Computing Solutions Inc (CCSi).
Both of these companies announced Friday they would comply with congressional subpoenas despite pleas from administration officials not to do so.
On Thursday, Jim Esquea, assistant HHS secretary for legislation issued a letter to Issa saying his committee has a history of leaking information to the press.
"The committee's unwillingness to commit to undertake measures to address the security risks associated with further disclosure is troubling, particularly in light of reports that sensitive materials were disclosed through various investigations," Esquea said in the letter, according to The Hill.
The administration has said committee staff investigators can review the documents in a secure room but can't take them with them.
Esquea said the information in the documents “may pose a risk to the confidentiality of consumer information accessible through healthcare.gov."
“As we have explained through staff discussions and in our prior correspondence, these documents are highly sensitive in light of the substantial harm that could result if the information contained in them were accessed by determined actors seeking to compromise the security and functioning of the website,” Esquea wrote.
The Department of Health and Human Services sent a Dec. 4 letter to MITRE asking that they not share the information.
Earlier this month, MITRE CEO Alfred Grasso initially said they had provided redacted versions of the report. However on Friday, Grasso sent another letter to the committee stating the company would comply.
“MITRE continues to believe that HHS is the appropriate party to provide the Committee with the unredacted SCA documents you are seeking," Grasso said in a letter to Issa Friday. "Nonetheless, I understand from consultation with MITRE’s legal counsel that MITRE has no alternative but to comply with the terms of a congressional subpoena absent some form of judicial intervention.”
On Dec. 6, Daniel Kane, director of acquisitions and grants management for the Center for Medicare and Medicaid Services, sent a letter to CCSi to discourage the company from complying with Congress.
CCSi CEO Maggie Bauer wrote a Dec. 12 letter to Kane responding that the company would indeed cooperate with Congress and did not see it as optional.
“CCSi takes [its] contractual compliance and customer relations extremely seriously. To that end, CCSi has concluded, after consulting legal counsel, that the enclosed subpoena compels production of the documents requested and, therefore, falls outside the above-referenced contract clause and guidance letter from your office,” Bauer said. “A validly-issued congressional subpoena compelling the production of documents that are within CCSi’s possession is neither a ‘request’ for documents nor an ‘unauthorized’ disclosure of such documents.”