Tomorrow’s Obamacare Controversy, Today

A memo obtained by National Journal will likely be the GOP’s next weapon against the health care law, but in context it’s more bark than bite.

Rocky rollout: HealthCare.gov.
(C)2012 RICHARD A BLOOM
Alex Seitz Wald
Add to Briefcase
Alex Seitz-Wald
Dec. 24, 2013, 9:16 a.m.

If past is pre­ced­ent, Re­pub­lic­ans on the House Over­sight Com­mit­tee will soon re­lease a draft memo they re­ques­ted and re­ceived from the Health and Hu­man Ser­vices De­part­ment just be­fore most Wash­ing­to­ni­ans de­camped for the Christ­mas hol­i­day.

At first glance, the memo, ob­tained by Na­tion­al Journ­al, looks very bad for the Obama ad­min­is­tra­tion. In the Sept. 24 doc­u­ment, a top in­form­a­tion se­cur­ity of­ficer for the agency over­see­ing the Obama­care in­sur­ance ex­changes warns that the mar­ket­place “does not reas­on­ably meet … se­cur­ity re­quire­ments” and that “there is also no con­fid­ence that Per­son­al Iden­ti­fi­able In­form­a­tion (PII) will be pro­tec­ted.” Teresa Fry­er, the chief in­form­a­tion se­cur­ity of­ficer at the Cen­ters for Medi­care and Medi­caid Ser­vice, con­tin­ues: The fed­er­al mar­ket­place will likely “not be ready to se­curely sup­port the Af­ford­able Care Act … by Oc­to­ber 1, 2013.”

It plays right in­to the Re­pub­lic­an nar­rat­ive about Health­Care.gov: The ad­min­is­tra­tion knew the web­site would not be ready by the launch date but went ahead with it any­way. And the site may still not be ad­equately pro­tect­ing con­sumers’ in­form­a­tion.

But, in con­text, the draft memo be­comes much less ex­cit­ing.

On the Fri­day be­fore Christ­mas, Rep. Dar­rell Issa, the chair­man of the House Over­sight Com­mit­tee, re­leased a par­tial tran­script from an in­ter­view con­duc­ted by the pan­el’s staff with Fry­er. That par­tial tran­script, shared with ABC and CBS, sug­ges­ted that Fry­er warned the ad­min­is­tra­tion that there were two find­ings of ser­i­ous vul­ner­ab­il­it­ies in the sys­tem.

However, when Demo­crats on the Over­sight Com­mit­tee re­leased parts of the tran­script omit­ted from Issa’s ver­sion, Fry­er’s com­ments looked far less ex­plos­ive, and ABC up­dated its story to re­flect the change. It turns out that by Sept. 27, a few days after Fry­er raised her con­cerns about the se­cur­ity at launch, ex­tens­ive new se­cur­ity meas­ures were ad­ded.

As she told the com­mit­tee’s in­vest­ig­at­ors, “The ad­ded pro­tec­tions that we have put in­to place in ac­cord­ance with the risk de­cision memo “¦ are best prac­tices above and bey­ond what is usu­ally re­com­men­ded.” She went on to de­scribe her con­fid­ence in the three-level se­cur­ity sys­tem and to note that there have been “no suc­cess­ful breaches [or] se­cur­ity in­cid­ents.”

Which brings us back to the draft memo we ob­tained. We should note that it was just a draft, and was nev­er sent or re­viewed by more seni­or of­ficers in the chain of com­mand, and was writ­ten three days be­fore the mit­ig­a­tion strategies went in­to ef­fect. She later told Over­sight Com­mit­tee in­vest­ig­at­ors that her earli­er re­com­mend­a­tion against giv­ing the go-ahead to launch the site — the “au­thor­ity to op­er­ate,” as it’s called — did not take in­to ac­count the mit­ig­a­tion strategies laid out in the Sept. 27 Au­thor­ity to Op­er­ate memo.

The in­vest­ig­at­ors asked Tony Trenkle, then-CMS’ top in­form­a­tion ex­ec­ut­ive, this: “So as long as the mit­ig­a­tion strategy de­scribed in the [ATO] memo was car­ried out, you con­sidered that it was, it would be suf­fi­cient to mit­ig­ate the risks de­scribed in the memo?” He re­spon­ded, “Yes.”

She ad­ded that she was “sat­is­fied” with the cur­rent se­cur­ity test­ing, and that she did not ob­ject when an­oth­er CMS in­form­a­tion se­cur­ity of­ficer de­cided to move ahead with the launch. Again, she stated: “All sys­tems are sus­cept­ible to at­tacks. There have been no suc­cess­ful at­tempts.”

As the Los Angeles Times‘ Pulitzer Prize-win­ning busi­ness colum­nist Mi­chael Hiltzik noted, “Issa has ab­so­lutely no evid­ence” to sup­port his broad­er claims that the sys­tem’s deep vul­ner­ab­il­it­ies put all kinds of con­sumers’ gov­ern­ment data at risk, and that CMS moved ahead any­way to avoid em­bar­rass­ing the White House.

Of course, sleight of hand with opaque bur­eau­crat­ic doc­u­ments is noth­ing new for Issa, but the po­ten­tial to dis­suade Amer­ic­ans from ob­tain­ing health in­sur­ance through the fed­er­al ex­changes be­cause of trumped up se­cur­ity fears has pushed re­la­tions between the com­mit­tee chair and the ad­min­is­tra­tion to a new low. It’s one thing to say without evid­ence that the ad­min­is­tra­tion is cor­rupt, but it’s an­oth­er to tell Amer­ic­ans that their So­cial Se­cur­ity num­ber is at risk when there’s noth­ing to sug­gest that’s true.

But per­haps we can head off an­oth­er round of this farce by put­ting out Fry­er’s memo be­fore Issa does — in its full con­text.

Cor­rec­tion: An earli­er ver­sion of this story misat­trib­uted Trenkle’s quote to Fry­er. It has been up­dated.

What We're Following See More »
DOCUMENTS OBTAINED BY U.S. INTEL
Putin-Linked Think Tank Developed Plan to Influence U.S. Election
3 days ago
THE LATEST

A Russian government think tank run by Putin loyalists "developed a plan to swing the 2016 U.S. presidential election to Donald Trump and undermine voters’ faith in the American electoral system." Two confidential documents from the Putin-backed Institute for Strategic Studies, obtained by U.S. intelligence, provide "the framework and rationale for what U.S. intelligence agencies have concluded was an intensive effort by Russia to interfere with the Nov. 8 election."

Source:
HELPED WIN FISA APPROVAL
FBI Relied on Dossier Allegations to Monitor Page
4 days ago
THE LATEST

"The FBI last year used a dossier of allegations of Russian ties to Donald Trump's campaign as part of the justification" to monitor Carter Page, who was then a defense adviser to the Trump campaign. "The dossier has also been cited by FBI Director James Comey in some of his briefings to members of Congress in recent weeks."

Source:
AIR FORCE SCRAMBLES JETS IN RESPONSE
Russian Bombers Fly Near Alaska
5 days ago
WHY WE CARE
A MESSAGE TO RUSSIA?
Pentagon Deploying F-35s to Europe
1 weeks ago
THE LATEST

"The Air Force is set to deploy its high-tech, fifth-generation F-35A fighter jets to Europe this weekend as part of an effort to assure U.S. allies there who are worried about Russian aggression." The new, state-of-the-art fighters will train with European air units. "The Pentagon noted that the deployment had been long planned, meaning it was not a reaction to recent increasing tensions between the United States and Russia," although a statement noted the move is part of the "European Reassurance Initiative," which began three years ago when Russia annexed Crimea.

Source:
NOT ON SCHEDULE
Tillerson Meets Putin
1 weeks ago
BREAKING
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login