Health and Human Services Chief Information Security Officer Chris Wlaschin is resigning effective March 31. An HHS official confirmed Wlaschin is leaving for personal reasons and said the decision was unrelated to any other matters.
However, the resignation comes amid allegations that Wlaschin treated two HHS employees improperly last fall.
A March 12 letter to HHS Secretary Alex Azar from Tully Rinckey Partner and attorney I. Charles McCullough III laid out the allegations on behalf of his clients, Deputy CISO Leo Scanlon and former Director of Healthcare Cybersecurity Communications and Integration Center (HCCIC) Maggie Amato.
According to the letter, Scanlon and Amato were removed from their positions without warning on Sept. 6, 2017 by Wlaschin, and reassigned to “unclassified temporary duties.” Wlaschin stated that this was so HHS could review allegations against them, and that both Scanlon and Amato were under investigation by the HHS Office of Inspector General.
Insight by Okta: This exclusive e-book highlights how identity and access management will continue to evolve as agencies face more aggressive cyber threats while keeping data and systems accessible.
Scanlon said in an email to Federal News Radio that this investigation was ostensibly looking into “ethics violations” allegedly committed by Scanlon and Amato.
Scanlon and Amato reported this and other information to Congress, gaining protected whistleblower status. However, according to the letter, Amato soon became the target of retaliation, eventually forcing her to resign. Around the same time, HHS placed Scanlon on administrative leave without explanation. The 120 day limit on administrative leave ended Feb. 18, according to the letter, but Scanlon was still on paid administrative leave as of March 12.
Recently, the letter said, Scanlon and Amato were made aware that the HHS OIG was not investigating them, and never had been.
Scanlon and Amato are requesting an audience with Secretary Azar to resolve the situation.