Affiliates from Elon Musk’s Department of Government Efficiency (DOGE) have secured deep access to 19 sensitive systems within the Department of Health and Human Services (HHS), according to a recent federal court filing. This disclosure reveals that nine of these systems were previously undisclosed, granting DOGE operatives oversight of critical infrastructure ranging from Medicare accounting to high-volume medical data warehouses.
Unprecedented Access to Federal Financial and Health Infrastructure
The extent of DOGE’s integration into HHS operations includes entry into the Healthcare Integrated General Ledger Accounting System (HIGLAS), a primary financial hub that manages federal grants and payments for the Centers for Medicare and Medicaid Services (CMS). Legal experts and advocates warn that this level of access grants DOGE the theoretical power to disrupt or halt Medicaid payments to individual states, a move that could paralyze healthcare delivery for the nation’s most vulnerable populations.
The American Federation of Labor and Congress of Industrial Organizations (AFL-CIO) continues to pursue a lawsuit to limit this data exposure. Plaintiffs argue that federal agencies have granted “unfettered, on-demand access” to personal records by simply invoking the phrase “waste, fraud, and abuse.” Legal representatives for the labor group contend that these terms do not grant legal authority to bypass established privacy protections for citizens’ most sensitive information.
Systemic Risks to Healthcare Stability
Public health experts express grave concerns regarding the operational impact of this oversight. Jeffrey Levi, an emeritus professor at George Washington University, emphasizes that any delay in payments to the healthcare system threatens the continuity of care. Rural hospitals and Federally Qualified Health Centers, which operate with razor-thin financial margins and rely heavily on Medicare and Medicaid reimbursements, face the highest risk of destabilization.
The court filing identifies several DOGE affiliates with active system access, including Luke Farritor, Marko Elez, and Edward Coristine. Coristine’s involvement has drawn particular scrutiny due to his previous employment at a firm that utilized reformed hackers. Meanwhile, Elez, a former engineer for X and SpaceX, reportedly held “read and write” access to sensitive systems at the Department of the Treasury before his assignment at HHS.
Detailed Breakdown of Compromised HHS Databases
The following data systems are now under DOGE oversight, containing vast amounts of Personally Identifiable Information (PII) and sensitive medical records:
Medicare and Medicaid Systems
- CMS Acquisition Lifecycle (CALM): Manages contract audits and milestones. Contains vendor IDs, taxpayer information, and contact details. (Access: Farritor, Coristine, Elez, Moghaddassi, Riley, Gleason).
- Healthcare Integrated General Ledger Accounting System (HIGLAS): A central accounting pillar. Contains SSNs, financial accounts, and health insurance claims. (Access: Farritor, Coristine, Elez, Moghaddassi).
- Integrated Data Repository Cloud (IDRC): A massive warehouse for Medicare claims. Contains medical notes, diagnoses, procedure codes, and full patient demographics. (Access: Farritor, Coristine, Elez, Moghaddassi, Terrell).
National Institutes of Health (NIH) and Administrative Systems
- NIH Electronic Research Administration (eRA): Processes grant applications. Contains disability records, education history, and professional performance data. (Access: Farritor).
- HHS Enterprise Human Capital Management (EHCM): Manages internal personnel actions and employee benefits. Contains military status and photographic identifiers. (Access: Farritor, Terrell, Riley).
- Payment Management System (PMS): Processes federal grant payments. Contains financial account information and user credentials. (Access: Farritor, Terrell, Riley).
Vulnerable Population Databases
- Expanded Federal Parent Locator Service (FPLS): Tracks child support and foster care placements. Contains employment data and SSNs. (Access: Elez and Moghaddassi, currently deactivated).
- Unaccompanied Children Portal: Houses data on minors apprehended by CBP. Contains biometrics, medical notes, and sponsor information, including passport and financial data. (Access: Kyle Schutt).
Security Lapses and Ethical Concerns
The transition of data access has not been without procedural failures. Deposition testimony from Jennifer Wendel, HHS Chief Information Officer, revealed that DOGE affiliate Aram Moghaddassi was granted access to the HIGLAS and IDR systems despite no record of him completing mandatory security training. While HHS system owners technically have the authority to deny access requests, Wendel testified that no such request from DOGE has ever been rejected.
Privacy advocates, including Elizabeth Laird of the Center for Democracy and Technology, argue that these actions strip away long-standing rights to consent and privacy. There are growing fears that data collected under the premise of auditing “waste” could be repurposed for aggressive immigration enforcement or the surveillance of migrant workers, as DOGE operatives are simultaneously building a master database at the Department of Homeland Security.
This administrative shift coincides with a massive purge of HHS personnel. Thousands of employees, including specialists at the FDA and CDC, have been removed from their positions as DOGE executes a strategy to drastically reduce the federal workforce, potentially leaving critical cybersecurity and contract management roles unfilled.
