Amid Leadership Changes at HHS, Former Deputy CISO Speaks Out on Cybersecurity Center Controversy | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Amid Leadership Changes at HHS, Former Deputy CISO Speaks Out on Cybersecurity Center Controversy

March 26, 2018
by Heather Landi
| Reprints
Former HHS Deputy CISO Scanlon says the HCCIC, which played such a promising role during the WannaCry incident, has been "derailed"
Click To View Gallery

Over the past seven months, there have been a number of events that have upended top technology and cyber leadership at the U.S. Department of Health and Human Services (HHS), and some healthcare leaders are questioning the status of HHS’s cyber operations center, which launched just last June.

Now, there are reports that there will be a new HHS chief information security officer (CISO) to replace Chris Wlaschin, who is resigning from the role effective March 31.

According to reports from Federal News Radio, Janet Vogel, currently the deputy chief information officer at the Centers for Medicare & Medicare Services (CMS), will be replacing Wlaschin, who announced he was stepping down for personal reasons.

However, Wlaschin’s resignation, and the leadership changes in the agency’s top cyber position, come amid an almost seven-month-long controversy over HHS’ fledging cyber operations center and the ousting of the center’s top leaders last fall. The center’s director, Maggie Amato, has since resigned, and the former deputy CISO, Leo Scanlon, has been on involuntary leave for the past six months. In a letter provided by their attorney, Charles McCullough, III, both Scanlon and Amato contend that there was no legitimate basis for their reassignments, and that they were retaliated against as whistleblowers.

The Healthcare Cybersecurity Communications Integration Center (HCCIC), which went live at the end of June 2017, was established to protect the nation’s healthcare system from cyber attack. HCCIC focuses its efforts on analyzing and disseminating cyberthreats across the healthcare industry in real time. Wlaschin has been overseeing the cyber center in Amato and Scanlon’s absence. According to an interview with Nextgov, Wlaschin said his resignation was entirely for personal and family reasons, and unrelated to disputes over the HCCIC.

When Healthcare Informatics contacted HHS regarding whether there was or had been an Office of the Inspector General (OIG) investigation into allegations against Scanlon and Amato or an investigation into reprisal complaints from Scanlon and Amato, an agency spokesperson responded via email, “At this time, I cannot confirm or deny OIG investigations into Scanlon or Amato, nor can I confirm or deny the existence or receipt of any whistleblower complaints.”

The controversy regarding top tech and cyber positions at HHS is a tangled web of personal and policy disputes, and, according to Scanlon in a published statement provided by his attorney, the net effect of the reassignments has been that “the HCCIC initiative, which played such an important and promising role during the WannaCry incident, has been derailed.” Further, Scanlon states that “the Critical Infrastructure Protection Program of HHS once again lacks a cybersecurity component, and the NH-ISAC [National Health Information Sharing and Analysis Center] has no functioning partners in the agency.”

Top Leaders Reassigned

According to multiple media reports back in November, the fledging HCCIC became the center of a rumored investigation into contracting irregularities and possible fraud allegations. An anonymous complaint was lodged, alleging contracting improprieties with regards to steering a no-bid contract to an individual with personal connections to Amato. Scanlon was put on administrative leave back in September, and Amato left the government. 

According to an article written by Politico’s Darius Tahir back in November, “An HHS official says the agency is investigating irregularities and possible fraud in contracts they signed. The two executives, Leo Scanlon and Maggie Amato, allege they were targeted by disgruntled government employees and private-sector companies worried the cyber center would take away some of their business.”

In his published statement provided through his attorney, Scanlon, who is still on administrative leave, wrote: “Over 200 days ago, Chris Wlaschin removed Maggie Amato and I from our positions as the leaders of the HHS HCCIC. He cut us off from colleagues, denied us access to HHS facilities, removed our security clearances, and told agency officials, the Congress and the media that this was a response to an ongoing investigation by the OIG into anonymous and unsubstantiated allegations directed against OCIO [office of the chief information officer] staff and leadership. These allegations were spread by HHS employees who sought to stop the HCCIC initiative. Wlaschin took his actions without recommendations from any investigative entity, and in fact, without any investigation being underway at all.”

In a March 12 letter to HHS Secretary Alex Azar, McCullough, a partner with Washington, D.C.-based Tully Rinckey, LLC, and who represents both Scanlon and Amato, wrote that he wanted to call Azar’s attention to “significant irregularities and possible violations of law" carried out by HHS in the treatment of these employees. According to McCullough’s letter, Scanlon and Amato were removed from their positions, without warning, on September 6 by Wlaschin and reassigned to “unclassified temporary duties.”

McCullough also wrote in the letter to Sec. Azar that Wlaschin “stated under oath that the allegations against Scanlon and Amato were being investigated by the HHS Office of Inspector General.”


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More