Senators question need for HHS cyber office

Senators question need for HHS cyber office

A bipartisan pair of lawmakers is questioning President Trump’s health chief on the need for a new cybersecurity office focused on the healthcare sector.

Sens. Ron JohnsonRonald (Ron) Harold JohnsonHillicon Valley: Twitter CEO Jack Dorsey sits down with The Hill | Drama over naming DHS cyber office | Fallout over revoking Brennan's security clearance | Google workers protest censored search engine for China Name change eludes DHS cyber wing, spurring frustration Trump draws bipartisan fire over Brennan MORE (R-Wis.) and Claire McCaskillClaire Conner McCaskillSchumer to meet with Kavanaugh on Tuesday GOP leader criticizes Republican senators for not showing up to work Election Countdown: GOP worries House majority endangered by top of ticket | Dems make history in Tuesday's primaries | Parties fight for Puerto Rican vote in Florida | GOP lawmakers plan 'Freedom Tour' MORE (D-Mo.) both raised concerns at a hearing Wednesday that the new information-sharing effort at the Department of Health and Human Services (HHS) could be duplicating functions of a separate organization within the Department of Homeland Security (DHS).

Chris Wlaschin, the chief information security officer at HHS, previewed the effort in April. He described it as a health-focused version of the National Cybersecurity and Communications Integration Center (NCCIC) at the DHS and said it would be operational this month.

The HHS office, called the Health Cybersecurity and Communications Integration Center (HCCIC), is funded in the administration’s fiscal 2018 budget proposal under the $72 million allotted for the department’s cybersecurity efforts.

Johnson and McCaskill, who lead the Senate Homeland and Governmental Affairs Committee, wrote to HHS Secretary Tom Price on Wednesday asking for more information about the center, including documents demonstrating the need for it.

“We are interested in learning more about the HCCIC’s purpose and how it will interact with the NCCIC, the rest of the federal government, and the private sector without duplicating efforts already underway by the Department of Homeland Security,” they wrote.

The inquiry followed an oversight hearing during which both senators raised concerns about the possibility that the initiative could be duplicating efforts of the DHS center.

“You have different agencies of government asking the same questions,” Johnson observed.

In 2015, Congress passed legislation designating the DHS as the hub for sharing information on cyber threats with the private sector.

Wlaschin said during an April health forum in Washington that the center would be just like the DHS information-sharing office, “only focused on healthcare.”

“We’ve provided grants to the National Health Information Sharing and Analysis Center to encourage a broad participation … that not just tries to reduce the noise — there’s so much noise out there about cyber threats to security and privacy — but to analyze those and deliver best practices and the two or three things that a small provider, a small office, a doc in a box can do to protect his patient’s privacy and information security around those systems,” he said, according to Federal News Radio.

The senators asked Price for a response by mid-July.