A bipartisan pair of lawmakers is questioning President Trump’s health chief on the need for a new cybersecurity office focused on the healthcare sector.
Sens. Ron JohnsonRonald (Ron) Harold JohnsonThe Hill's Morning Report - Presented by Alibaba - Democrats argue price before policy amid scramble Liberal group launches campaign urging Republicans to support Biden's agenda Domestic extremists return to the Capitol MORE (R-Wis.) and Claire McCaskillClaire Conner McCaskillRepublicans may regret restricting reproductive rights Sunday shows preview: States deal with fallout of Ida; Texas abortion law takes effect Giuliani to stump for Greitens in Missouri MORE (D-Mo.) both raised concerns at a hearing Wednesday that the new information-sharing effort at the Department of Health and Human Services (HHS) could be duplicating functions of a separate organization within the Department of Homeland Security (DHS).
Chris Wlaschin, the chief information security officer at HHS, previewed the effort in April. He described it as a health-focused version of the National Cybersecurity and Communications Integration Center (NCCIC) at the DHS and said it would be operational this month.
The HHS office, called the Health Cybersecurity and Communications Integration Center (HCCIC), is funded in the administration’s fiscal 2018 budget proposal under the $72 million allotted for the department’s cybersecurity efforts.
Johnson and McCaskill, who lead the Senate Homeland and Governmental Affairs Committee, wrote to HHS Secretary Tom Price on Wednesday asking for more information about the center, including documents demonstrating the need for it.
“We are interested in learning more about the HCCIC’s purpose and how it will interact with the NCCIC, the rest of the federal government, and the private sector without duplicating efforts already underway by the Department of Homeland Security,” they wrote.
The inquiry followed an oversight hearing during which both senators raised concerns about the possibility that the initiative could be duplicating efforts of the DHS center.
“You have different agencies of government asking the same questions,” Johnson observed.
In 2015, Congress passed legislation designating the DHS as the hub for sharing information on cyber threats with the private sector.
Wlaschin said during an April health forum in Washington that the center would be just like the DHS information-sharing office, “only focused on healthcare.”
“We’ve provided grants to the National Health Information Sharing and Analysis Center to encourage a broad participation … that not just tries to reduce the noise — there’s so much noise out there about cyber threats to security and privacy — but to analyze those and deliver best practices and the two or three things that a small provider, a small office, a doc in a box can do to protect his patient’s privacy and information security around those systems,” he said, according to Federal News Radio.
The senators asked Price for a response by mid-July.