Hearing of the Oversight Subcommittee of the House Science, Space, and Technology Committee - The Role of the White House Chief Technology Officer in the HealthCare.gov Website Debacle


Date: Nov. 19, 2014
Location: Washington, DC

Good morning. I want to thank my colleagues for being here today and I want to
especially thank our witness for his presence -- we have been waiting a very long time to question you, sir.

In fact, the Committee has invited you to testify before us on five different occasions. We wrote directly to you, Mr. Park, as well as to the Director of the Office of Science and Technology Policy. None of those invitations elicited the "yes" response we got as a result of issuing you a subpoena.

In the course of our correspondence, several claims were made by OSTP as to why you were not the individual to answer the Committee's questions, such as:

* That you and OSTP personnel have not been substantially involved in developing or
implementing the Federally Facilitated Marketplace's security measures;

* That you did not develop or approve the security measures in place to protect the website;

* That you do not manage those responsible for keeping the site safe; and

* That you are not a cybersecurity expert -- which is an interesting description of you to say the least. You are the co-founder of Athenahealth, which you co-developed into one of the most innovative health IT companies in the industry. As a government employee, you helped launch the President's Smarter IT Delivery Agenda, which created the new U.S. Digital Service…and you created the beta version of HealthCare.gov - how do these activities not require cybersecurity expertise?

Further, on November 13, 2013, in testimony before the Committee on Oversight and Government Reform, you said that you did not "actually have a really detailed knowledge base" of the website before it was launched, and that you were "not deeply familiar with the development and testing regimen that happened prior to October 1."

However, the Committee has in its possession documents that appear to contradict much of what you have said in your prior Congressional appearance, as well as what OSTP has explained to this Committee.

But these documents were not easy to come by, despite requesting them in a letter last December, and despite preparing to ask about them in a briefing OSTP arranged on your behalf in September -- a briefing that was cancelled the evening before it was scheduled to take place when your colleagues were informed it would be transcribed.

Mr. Park, I find your and the White House's lack of transparency intolerable and an obstruction to this Committee's efforts to conduct oversight. It took a subpoena to get you here. It took another subpoena to compel your documents from the White House, but even with that, we have yet to receive all of your documents in compliance with our subpoena issued on September 19th, exactly two months ago. As a gesture of good faith, Committee staff have engaged in multiple in camera reviews with White House lawyers, yet there are still documents being withheld from the Committee without a claim of a legally recognized privilege. That begs the question -- what are you hiding, Mr. Park?

I have some theories about the answer to that question. Perhaps it is that you knew there were serious problems with HealthCare.gov prior to the launch but you did not convey them up the chain in your briefings with the President. Or, perhaps you did, and they were ignored because of this Administration's relentless pursuit to launch HealthCare.gov on October 1, 2013, no matter what the consequences.

Now here we are, a year later and fresh into the beginning of the second Open Enrollment, with questions that still remain about this $2 billion dollar debacle you are credited with fixing - a debacle that, I might add, got hacked this summer and that, according to a recent Government Accountability Office report, still has weaknesses "both in the processes used for managing information security and
privacy, as well as the technical implementation of IT security controls."

We look forward to this opportunity to ask you some of our questions.

Before I yield to Mr. Swalwell for his opening statement, let me just add that this is likely my last time chairing an Oversight Subcommittee hearing, and I would like to thank my friends on both sides of the aisle - especially Chairman Smith - for a productive two years of hard work on this Subcommittee. I wish you all well next year, and I now recognize Mr. Swallwell.