US Rep. Ron Barber Moves to Beef Up Security for Healthcare.gov

Press Release

U.S. Rep. Ron Barber today persuaded his colleagues on the Committee on Homeland Security to direct the Department of Homeland Security to use a risk-based and performance-based approach when securing the federal healthcare website.

The committee today unanimously approved Barber's amendment to cybersecurity legislation that will give the Department of Homeland Security oversight of security for all civilian federal government websites -- including healthcare.gov.

"My amendment would give Southern Arizonans and all Americans the certainty and accountability they deserve in healthcare.gov and all federal information systems," Barber told members of the Committee on Homeland Security. "This amendment leaves no doubt that Congress intends for DHS to manage the federal civilian network in a way that targets real threats and vulnerabilities and keeps our constituents safe."

Barber is ranking member of the Oversight and Management Efficiency Subcommittee of the Committee on Homeland Security.

The amendment Barber added today builds upon bipartisan legislation the congressman introduced last month that would require the federal government to develop and put in place cybersecurity safeguards to protect individuals' personal health care information.

Barber last month introduced the Cyber Awareness and Recovery Enhancement (CARE) Act. The bill is cosponsored by U.S. Rep. Steve Daines, a Montana Republican.

The CARE Act would require the Department of Homeland Security to take the lead in developing cybersecurity standards for the healthcare.gov website. Those standards must be risk-based and performance-based and developed by DHS in conjunction with the Department of Health and Human Services.

The legislation also requires HHS to report to Congress annually on the number and nature of cyber incidents on the healthcare.gov website.

Today's amendment by Barber makes it clear that DHS must approach cybersecurity in way that focuses on real risk and real threats to government websites.

Source