Obamacare site at ‘high risk’ before launch

Obamacare site at ‘high risk’ before launch

HEALTHCARE HEADACHES: The Obamacare website has been plagued with problems since its launch. Photo: Associated Press

By Jim Finkle

BOSTON (Reuters) – The security of the Obama administration’s healthcare website was at “high risk” because of lack of testing before it opened for enrollment on Oct. 1, according to a government memorandum reviewed by Reuters on Wednesday.

The site collects a trove of sensitive data, such as Social Security numbers, email addresses, phone numbers and birth dates that could be used by criminals in an array of schemes.

A government spokeswoman said on Wednesday that steps to mitigate security concerns have been implemented since the memo was written on September 27 and that consumer data is secure.

“From a security perspective, the aspects of the system that were not tested due to the ongoing development exposed a level of uncertainty that can be deemed as a high risk,” said the memo from Department of Health and Human Services officials James Kerry and Henry Chao.

The memo recommended the creation of a dedicated security team, weekly testing of servers, daily scans and a full security assessment within 60 to 90 days of launch. It provided for a temporary, six-month authority to operate the system.

According to the document, the recommendation was approved by Marilyn Tavenner, administrator of the Centers for Medicare and Medicaid Services, the lead agency at HHS managing the 2010 Affordable Care Act, commonly called Obamacare.

The law, Obama’s signature domestic policy, was passed in his first term and upheld by the U.S. Supreme Court last year. It mandates everyone have health insurance or pay a fine and created online marketplaces for people to choose plans.

The September 27 memo came up during a U.S. House of Representatives hearing on Wednesday to question HHS Secretary Kathleen Sebelius about technical problems that have stalled access to the website for millions of consumers. Sebelius confirmed its main points and said the plan to ensure security was underway.

Sebelius said that the site had a temporary certificate, known as an “authority to operate” and that the agency would issue a permanent certificate once security concerns were alleviated.

Yet HHS spokeswoman Joanne Peters said that during the interim the public need not worry about the security of data entered on the site, which helps them identify and enroll in health insurance plans.

“When consumers fill out their online Marketplace applications, they can trust that the information they’re providing is protected by stringent security standards and that the technology underlying the application process has been tested and is secure,” she said.

Meanwhile, Connecticut’s state-run online exchange disclosed on Wednesday that it had experienced five attempted cyber attacks, including two from a foreign country.

“We had to get the NSA involved,” Kevin Counihan, executive director of the exchange that is known as Access Health CT, told reporters on a conference call.

A spokeswoman for the National Security Agency declined comment. Counihan said the exchange had passed cybersecurity tests before it opened on Oct. 1.

Recent Headlines

in Sports

Watson’s 4 TDs lead No. 1 Clemson to victory

Clemson head coach Dabo Swinney

Deshaun Watson ran for three touchdowns and passed for a fourth as No. 1 Clemson capped an undefeated regular season by holding off rival South Carolina 37-32 on Saturday.

in Sports

No. 2 Alabama claims SEC West with win over Auburn

Alabama head coach Nick Saban seems frustrated during the second half of an NCAA college football game against Auburn in Auburn, Ala., Saturday, Nov. 30, 2013.

Derrick Henry ran 46 times for 271 yards and Adam Griffith kicked five field goals to propel No. 2 Alabama to the SEC West title with a 29-13 victory over rival Auburn on Saturday.

in Sports

Michigan State takes division with rout of Penn State

Michigan State head coach Mark Dantonio walks with his team before the first half of an NCAA college football game against Ohio State in East Lansing, Mich., Saturday, Nov. 8, 2014.

Connor Cook threw three touchdown passes in his return from a shoulder injury, and No. 6 Michigan State wrapped up a spot in the Big Ten championship game with a 55-16 rout of Penn State on Saturday.

in Sports

USC rolls past No. 22 UCLA 40-21, takes Pac-12 South title


Cody Kessler threw two touchdown passes and ran for another score, and Southern California clinched the Pac-12 South title with a 40-21 victory over No. 22 UCLA on Saturday in the 85th edition of their crosstown showdown.

in Entertainment

Anne Hathaway expecting first child


The Oscar winner is expecting her first child, according to reports.

Bellingham Traffic