On Tuesday, House Oversight and Government Reform Committee Chairman Darrell Issa (R-CA) sent a letter to Health and Human Services Secretary Kathleen Sebelius accepting an offer to meet with the White House to discuss security vulnerabilities with regard to HealthCare.gov. “CMS and HHS knew that HealthCare.gov was vulnerable yet your statements have not given the American people a fair and accurate assessment of known risks,” Issa wrote.
The White House had implied that Issa had turned down a meeting on HealthCare.gov; Issa wrote, “Contrary to the assertion made by the White House, neither I nor anyone on my staff has expressed an unwillingness to meet with you for a discussion about both the ongoing security vulnerabilities…as well as the rationale for proceeding on October 1, 2013.” Issa continued by noting that his staff had said “repeatedly” that it would “welcome a page by page discussion” of the relevant documents.
Issa pointed out that vulnerabilities continue to this day: “Of the 28 separate security vulnerabilities identified in the October 11 report, MITRE reported that 19 remained unaddressed.” Those vulnerabilities include allowing “any malicious user” the ability to “perform unauthorized functions” with a certain requisite level of knowledge.