CMS Memo Warned of Security Threat Before Obamacare Site Launch

WASHINGTON, DC - OCTOBER 29: Centers for Medicare and Medicaid Services Administrator Marilyn Tavenner testifies before the House Ways and Means Committee in the Longworth House Office Building October 29, 2013 in Washington, DC. Tavenner is the first Obama Administration to testify before Congress since the troubled launch the federal exchange website. 'I want to assure you that Healthcare.gov can be fixed, and we are working around the clock to give you the experience that you deserve,' she said.  
National Journal
Sophie Novack
Add to Briefcase
See more stories about...
Sophie Novack
Oct. 31, 2013, 2:49 a.m.

An in­tern­al Cen­ters for Medi­care and Medi­caid Ser­vices memo from three days be­fore the launch of Health­Care.gov warned of a po­ten­tial se­cur­ity threat, NPR re­ports.

“From a se­cur­ity per­spect­ive, the as­pects of the sys­tem that were not tested due to the on­go­ing de­vel­op­ment, ex­posed a level of un­cer­tainty that can be deemed as high risk for FFM [Fed­er­ally Fa­cil­it­ated Mar­ket­place],” said the Sept. 27 memo.

The memo was is­sued by CMS IT of­fi­cials James Kerr and Henry Chao, and signed by CMS Ad­min­is­trat­or Mar­ilyn Taven­ner. 

The agency de­cided to go ahead with the Oct. 1 launch des­pite the risks, and it cre­ated a ded­ic­ated se­cur­ity team to mon­it­or the risk. Taven­ner said in a House Ways and Means hear­ing Tues­day that she be­lieved the web­site was ready on Oct. 1, al­though she ac­know­ledged there would be some glitches to work out.

At a House En­ergy and Com­merce meet­ing Wed­nes­day, Health and Hu­man Ser­vices Sec­ret­ary Kath­leen Se­beli­us said tem­por­ary ap­prov­al was giv­en be­cause there was a se­cur­ity risk “mit­ig­a­tion” plan.

The memo was provided in re­sponse to a re­quest from the House Over­sight Com­mit­tee, CNN says. Com­mit­tee Chair­man Dar­rell Issa, R-Cal­if., has been launch­ing an in­vest­ig­a­tion in­to the launch of Health­Care.gov, and who in the ad­min­is­tra­tion knew of is­sues be­fore­hand, and what is in­volved in the “tech surge” to fix the site.

Po­ten­tial pri­vacy and se­cur­ity is­sues have been a large talk­ing point for Re­pub­lic­ans against the on­line fed­er­al ex­change. 

“You ac­cep­ted a risk on be­half of every per­son that used this com­puter that put their per­son­al and fin­an­cial in­form­a­tion at risk be­cause you did not even have the most ba­sic ‘end-to-end’ test on se­cur­ity of this sys­tem,” Rep. Mike Ro­gers, R-Mich., said to Se­beli­us. “Amazon would nev­er do this. Pro­Flowers would nev­er do this. Kayak would nev­er do this.” 

What We're Following See More »
TIME TO SPLIT
House Passes CR, Sends Bill to President’s Desk
4 hours ago
THE LATEST
CAN’T NAME ONE WORLD LEADER
Gary Johnson Stumbles Again
6 hours ago
WHY WE CARE
GOES TO PRESIDENT
Senate Approves Bill to Preserve Rape Kits
6 hours ago
THE LATEST

"The Senate on Wednesday approved legislation ensuring sexual assault survivors in federal criminal cases have access to forensic evidence collection kits, sending the bill to President Obama's desk. The legislation, known as the Survivors’ Bill of Rights Act, was passed by unanimous consent as lawmakers prepare to leave Washington until after the election. The House passed the measure earlier this month."

Source:
2-MONTH GIG OR 8-YEAR GIG?
Alec Baldwin to Play Trump on ‘SNL’
7 hours ago
THE DETAILS
STRIKES DOWN NEW HAMPSHIRE BAN
Court: Selfies in Voting Booth Now OK
9 hours ago
WHY WE CARE
×