WASHINGTON, DC - The Subcommittee on Health, chaired by Rep. Joseph Pitts (R-PA), has announced a hearing for Wednesday, May 25, 2016, at 10 a.m. in room 2123 of the Rayburn House Office Building. The hearing is entitled, “Examining Cybersecurity Responsibilities at HHS."
As a result of an investigation launched in December 2013 to examine information security at the FDA, majority committee staff found serious weaknesses in the information security programs at HHS. Examination of these incidents revelaed that many shared a root cause - the subordination of information security to information operations, as a result of the organizational structure in place at HHS with regards to its Chief Information Officer (CIO) and Chief Information Security Officer (CISO). The hearing will explore HHS’s current organizational structure and its consequences, and will discuss legislation that would elevate and empower the HHS CISO, H.R. 5068, the HHS Data Protection Act, authored by committee members Rep. Billy Long (R-MO) and Rep. Doris Matsui (D-CA).
“The committee’s investigation uncovered problems that were much more persistent and pervasive than previously thought," said Chairman Pitts. “After identifying these information security problems, the committee’s report concluded that HHS’s current organizational structure is partly to blame. Members will have the opportunity to examine that structure and explore alternatives at this hearing."
The Majority Memorandum, witness list, and witness testimony will be available here as they are posted. Related Items
* Examining Cybersecurity Responsibilities at HHS
