preauthorization, how much preauthorization -- is that primarily on surgeries? >> it occurs throughout the health -- throughout health care. it is on surgeries, radiology, minor procedures, it happens all over. thes it designed to reduce amount of health care claims that are filed? >> yes. there is nothing wrong with having some differences in policies, some are more generous. the issue is that there are so many different ones that it is impossible to keep up with them. typical providers may be facing thousands of different preauthorization requirements depending on exactly which company the patient is insured by and which individual employer sponsored that. they may have customize their own preauthorization requirements. >> one quick question. i had a case a number of years ago where someone in my company went to the dermatologist to have a mole removed and had to have it tested. the insurance would not pay for it. they would've paid for it had been malignant. it seems like that's a catch-22. the system the one? -- does that still go on? >> it does. >> senator

does dhs have any preauthorization to respond to a foreign cyber attack? is dhs seeking that authorization? thee would be part of process with the department of defense and part of the decision-making process in making sure we understand what they are doing and how it may propagate into other things. we have the authorities we need to help defense and we rely on our partners across the interagency and other authorities. we want to connect what is going to make suretion it is less likely that we would be attacked. you, mr.thank chairman, and thanks for having this hearing. let me come back to a point i made at the conclusion of my remarks earlier. rules ofsion that classifying information are strictad, or maybe over and prevent the american people from knowing what we know, what our adversaries know. but they should know. and i understand sources and methods should be spared any risk, but would you agree that making more of this information known, what is classified, in other words, known to the american people, would help to create and raise awareness? >>

or do theyeking, have any preauthorization to respond to a foreign cyber attack. i was wondering if dhs has or is seeking the authorization. would be part of the process with the department of defense. but we are not offensive. we have authorities we need to help with network defense. partners across the agency and other authorities. what we hope is that we can correct what is going wrong with action to make sure it is less likely that we will be attacks. >> thank you mr. chair. you chairman, and my thanks for having the syrian. let me come back to a point we made at the conclusion of my remarks earlier. impression that rules of classifying information are stripsad, or maybe over -- strict. they prevent americans from knowing what they should. would you agree with me that making more of this information known, what is classified, in other words, known to the american people, what helped to create and make awareness -- would help to create and raise awareness? >> certainly, we are working into lanes. -- in two lanes. one is to get more clearance and but in general,