By Jonathan Easley - 01/08/14 04:51 PM EST
House Oversight Committee Chairman Darrell Issa (R-Calif.) on Wednesday accused Health and Human Services (HHS) Secretary Kathleen SebeliusKathleen SebeliusFighting for assisted living facilities The chaotic fight for ObamaCare California exchange CEO: Insurers ‘throwing ObamaCare under the bus’ MORE of providing “false and misleading” testimony to Congress and threatened to open an investigation.
In a letter to Sebelius, Issa said he would give her an opportunity to “clarify or amend” her testimony prior to “further investigative action by the Committee.”
“With that in mind, I write to request that you correct the record and to implore you to be truthful with the American public about matters pertaining to ObamaCare going forward,” he continued.
The 12-page letter details testimony Sebelius gave before the Oversight panel that Issa says differs from his independent investigation into security testing of HealthCare.gov before its launch.
Issa said he would give Sebelius time to review and alter her testimony before moving ahead with an investigation.
“Prior to further investigative action by the Committee, we thought it prudent to write you and invite you to reflect on your testimony,” he wrote. “Should it be necessary to clarify or amend your testimony, then we request you do so as quickly as possible.
HHS spokeswoman Joanne Peters said the agency had received the letter and would respond directly to the committee.
She said Issa was seeking to rehash settled testimony based on “partial transcript excerpts” and defended the website’s security controls.
“The HealthCare.gov components that are operational have been determined to be compliant with the Federal Information Security Management Act (FISMA), based on standards promulgated by the National Institutes of Standards and Technology (NIST),” she wrote.
“There have been no successful security attacks on Healthcare.gov and no person or group has maliciously accessed personally identifiable information,” she continued. “An independent security control assessor tested each piece of the Healthcare.gov system that went live October 1 prior to that date with no open high findings. All high, moderate and low security risk findings listed on the SCAs for the portions of the website that launched October 1 were either fixed, or have strategies and plans in place to fix the findings that meet industry standards.”
Representatives from HHS also pointed to a statement in late December from Rep. Elijah Cummings (Md.), in which the Democrat accused Issa of peddling “partial and misleading information.”
“This effort to leak cherry-picked information is part of a deliberate campaign to scare the American people and deny them the quality affordable health insurance to which they are entitled under the law,” Cummings said at the time.
In addition, the administration said a draft memo warning of potential security testing flaws, cited by Issa in his letter to Sebelius, was merely a draft, and never went out.
Caught in the dispute is MITRE Corp., a contractor working to assess security issues with the ObamaCare website.
Issa says Sebelius’s claims that MITRE conducted ongoing security testing that didn’t raise any red flags before the HealthCare.gov launch is false.
Last year, Issa subpoenaed documents from the company, after the administration allowed his staffers to review some reports in a secure room, rather than turning over physical copies of the document.
Democrats argued the documents contained highly sensitive material that could compromise HealthCare.gov’s security. They said Issa had a history of leaking confidential information in a way that promotes “inaccurate” media coverage and therefore couldn’t be trusted with the documents.
MITRE ultimately complied with the subpoena.
— This story was updated at 11:14 a.m. on Jan. 9.