The top operational officer for the problem-plagued ObamaCare exchanges said in testimony before a House committee he found it “disturbing” that he was never made aware of significant security issues with the exchanges before they launched.
Henry Chao, the Deputy Chief Information Officer and Deputy Director of the Office of Information Services at the Centers for Medicare and Medicaid Services (CMS), said in an interview with the House Oversight and Reform Committee Nov. 1 that he was never given a Sept. 3, 2013 memo that detailed six security problems, including two designated as “open high findings.”
The committee released the interview Monday as part of its investigation into the problems with Healthcare.gov.
The committee said in a press release Chao expressed disbelief when he was first shown the memo, which was authored by CMS Chief Information Officer Tony Trenkle.
He told the committee he was surprised the CMS’s Chief Information Security Officer (CISO) allowed him to tell CMS Director Marilyn Tavvener in a Sept. 27 letter that the website was ready for launch without showing him the security memo.
“Well, why I'm surprised is that the CISO had me do this, file this process [September 27 memo to Tavenner] but don't copy me on the...letter,” Chao said in the interview. “I mean, wouldn't you be surprised if you were me?”
Chao told committee members he takes the security of the health care website very seriously, and is troubled by the revelation.
“It is disturbing,” Chao said. “I mean, I don't deny that this is…”
Chao is scheduled to testify at a hearing before the House committee Wednesday.