Top experts today gave members of the House Oversight & Government Reform Committee their thoughts about how hackers might try to attack HealthCare.gov.
Members of the committee unanimously voted to close the session to the public, to avoid giving hackers a tutorial on HealthCare.gov vulnerabilities.
The witnesses were Kevin Charest, chief information security officer at the U.S. Department of Health and Human Services and Milton Shomo, a principal information systems engineer at MITRE Corp., a company that’s tested HealthCare.gov security.
The written versions of the witnesses’ testimony aren’t classified documents, but the committee gave members of Congress numbered copies and prohibited members from making their own copies or taking the documents out of the hearing room.
Rep. Darrell Issa, R-Calif., the committee chairman, said in an opening statement that his staff has been unable to get information about HealthCare.gov security from HHS. He said his staff has had to rely on documents obtained from vendors, through subpoenas.
The documents suggest HHS opened HealthCare.gov to the public before data security officials thought it was ready, Issa said.