Rubio and Grassley are specifically asking the HHS IG for the following:
- A review of Centers for Medicare and Medicaid Services (CMS) payments to determine whether it has made payments for Americans’ genetic testing to U.S. entities with partnerships to BGI, WuXi and any other company with ties to the Chinese government;
- To determine whether CMS considers national security risks when determining whether payments are permissible to providers with partnerships with these Chinese-affiliated companies; and,
- That the IG make recommendations to CMS and to Congress on ways to mitigate national security risks related to Americans’ genomic data with respect to CMS payments.
The full text of the letter is below.
Dear Acting Inspector General Chiedi:
According to a February 2019 report released by the U.S. Department of Health and Human Services Office of the Inspector General (OIG), the Federal Bureau of Investigation (FBI) has identified national security risks related to sharing genomic data, and recognizes China as a country as a primary source of those risks. The report raises concerns that the National Institutes of Health (NIH) gave access to U.S. genomic data to for-profit companies from China, including WuXi Nextcode Genomics (WuXi) and Shenzhen BGI Technology Company (BGI), “even though the FBI has identified those companies as having ties to the Chinese Government.” We agree with your office’s recommendations for the NIH to work with national security experts to assess the potential consequences of providing foreign entities access to Americans’ genomic information. We also support your efforts to bring this issue to the NIH’s attention and its recommendation that NIH work to mitigate these risks.
We are equally concerned that CMS may be providing payments for genetic testing or analysis to U.S. entities that have domestic partnerships with WuXi, BGI, and other genomics companies with ties to the Chinese government. In 2016, WuXi was the first genetic sequencing facility in China to gain CLIA (Clinical Laboratory Improvement Amendments) certification from CMS. It has since gained a foothold in the U.S. Similarly, BGI has publicly announced partnerships with leading American health care systems, including those that accept Medicare and Medicaid patients. In 2013, BGI acquired Complete Genomics, a U.S. company which later became part of MGI Tech (MGI), a BGI subsidiary. In March 2019, MGI announced plans to expand into the U.S. market by the end of 2019, making it all the more necessary for the OIG to determine whether CMS has the proper security protocols in place to protect Americans’ genetic information.
Both BGI and WuXi also have publicly touted their partnerships with Huawei to expand genomic analytics. As you know, Huawei is a State-directed Chinese telecommunications company that, according to the heads of six U.S. intelligence agencies including the CIA, FBI, NSA, and the Director of National Intelligence, possesses the capabilities to “maliciously modify or steal information” and “to conduct undetected espionage.” This is the same company that the U.S. recently charged with conspiring to defraud our nation and stealing trade secrets, among other crimes. WuXi and BGI’s U.S.-based partnerships give them unique access to genomic data, including Americans’ genomic data. Therefore, it is particularly alarming that these two companies have partnered with Huawei.
As of March 2019, the Congressional Budget Office estimates that the federal government’s gross spending on Medicare in 2018 was $712 billion, while federal Medicaid expenditures were $389 billion, not including the states’ Medicaid spending. Together, these two programs totaled more than $1.1 trillion in federal outlays in 2018 – far more than federal funding to the NIH. Taxpayers cover the costs of CMS payments. Accordingly, they have every right to know if their money has gone to entities connected to the Chinese government.
We therefore request that the OIG, in coordination with relevant Intelligence Community agencies, review CMS payments to determine whether it has made payments for genetic testing to U.S. entities with partnerships to BGI, WuXi and any other company with ties to the Chinese government. We also request that the OIG determine whether the CMS considers national security risks when determining whether payments are permissible to providers with partnerships with these Chinese-affiliated companies. Finally, we ask that the OIG make recommendations to CMS and to Congress on ways to mitigate national security risks related to Americans’ genomic data with respect to CMS payments.