Obamacare months behind testing IT security, navigator training “barely off the ground”

posted at 4:51 pm on August 7, 2013 by Mary Katharine Ham

One thing that has always distinguished Obamacare’s roll-out from state-level health care reforms and other large IT projects is that there appeared to be no plan for beta testing— a preliminary step during which a small number of users gain access to a new technology to help programmers work out bugs. Obamacare supporters argued the federal government had built exchange-like mechanisms before and would be prepared to build them again, but Obamacare is a much larger endeavor than anything built before, and must marry with myriad state and federal databases and technological systems to work as advertised.

Now, it seems sure that beta testing will be happening on launch day, in the particularly sensitive area of IT security:

The federal government is months behind in testing data security for the main pillar of Obamacare: allowing Americans to buy health insurance on state exchanges due to open by October 1

The missed deadlines have pushed the government’s decision on whether information technology security is up to snuff to exactly one day before that crucial date, the Department of Health and Human Services’ inspector general said in a report.

As a result, experts say, the exchanges might open with security flaws or, possibly but less likely, be delayed.

“They’ve removed their margin for error,” said Deven McGraw, director of the health privacy project at the non-profit Center for Democracy & Technology. “There is huge pressure to get (the exchanges) up and running on time, but if there is a security incident they are done. It would be a complete disaster from a PR viewpoint.”

Despite the possible threat of identity theft, the administration will likely push through with exchange launches because the PR hit from not launching would be greater than launching with a few suckers’ intimate financial and health information being stolen. A 2002 law requires that the federal “data hub” through which all the IRS income information, Social Security info, and health care exchange info runs be certified as secure through a three-step process, according to Reuters, but there’s also an allowance for administrators to deem the data hub, basically, “secure enough” — an option they’ll likely take for the reasons stated above.

“CMS,” concludes the inspector general’s report, “is working with very tight deadlines.”

The delays mean that the ruling by CMS’s chief information officer certifying the Obamacare IT system as secure will be pushed back from September 4 to September 30, a day before enrollment under the Patient Protection and Affordable Care Act, the law that established Obamacare, is supposed to start.

“Several critical tasks remain to be completed in a short period of time,” the report concluded.

Any additional delays could mean CMS would not have the information it needs to authorize use of the system by October 1, the inspector general found.

As for Obamacare’s navigators, who may be a risk for fraud and identity theft themselves, they’re having their training cut down:

Opening day for the new health-insurance marketplaces is two months away, but efforts to recruit and train workers to help people enroll are barely off the ground in many states. With time running short before enrollment kicks off Oct. 1, the Obama administration last week cut back on training requirements for these ‘navigators.’ Officials were concerned there might not be enough time to do more-extensive training before the health-insurance exchanges open … Three weeks ago, the administration said navigators would need up to 30 hours of training before they start, but it said last week that 20 hours would be sufficient.

Guy Benson:

So rather than maintaining some semblance of quality control, the administration has slashed by one-third the amount of training taxpayer-funded Obamacare ‘experts’ will receive before they’re “qualified” to walk ordinary Americans through the process of obtaining healthcare through the law’s exchanges. Yes, these are the same under-trained, under-vetted “navigators” that privacy experts worry will have too much unfettered access to reams of citizens’ confidential information. This alteration was necessitated by realities on the ground — from uncertainty surrounding whether the exchanges will be ready on time, to worries about technical “glitches” and “crashes,” to the fact that Obamacare worker training is “barely off the ground in many states.” To avoid another political embarrassment, Team Obama is cutting corners with your healthcare.

This makes three major security concerns with Obamacare the administration has decided to mostly ignore instead of taking the time and effort to ensure consumer safety. First, they dropped any pretense at verification of income, thereby allowing anyone to claim subsidies no matter what their income or whether they’d been offered health insurance elsewhere. Second, we have a security system that will admittedly get no substantial test run, and can’t even hope to finish a security certification process required by law until the day before the exchanges launch. And, third, they’re cutting corners on vetting and training the very people who are supposed to walk Americans and their sensitive data through the insecure process.

This is basic stuff. If this were a private business, everyone would be reporting them to the Consumer Financial Protection Bureau, and with good reason.


Related Posts:

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

What part of you the NSA will let live, the HHS will kill off.

Schadenfreude on August 7, 2013 at 4:54 PM

The Swine who rule you.

Schadenfreude on August 7, 2013 at 4:55 PM

America has a two-party system. But it’s not Republicans versus Democrats. It’s the ruling class — Republicans and Democrats — against everyone else. Consider how President Obama just gave Congress its very own Obamacare waiver.

Obamacare includes a provision that should cost each member of Congress and each staffer $5,000 to $11,000 per year. Needless to say, the ruling class was not pleased.

Congress wasn’t about to try to exempt itself from this provision explicitly, though. If John Q. Congressman voted to give himself an Obamacare waiver that his constituents don’t get, he wouldn’t be John Q. Congressman much longer. What’s an aristocrat to do?

Stupid, stupid people of the land, go after them, with all you’ve got.

Schadenfreude on August 7, 2013 at 4:56 PM

They are busy copying all your health records over to OFA first.

Soon, they will have phone calls, website visits, Google searches, chats, emails, doctor visits, medications, AIDs and VD tests all in one big database.

faraway on August 7, 2013 at 4:56 PM

Congress wasn’t about to try to exempt itself from this provision explicitly, though. If John Q. Congressman voted to give himself an Obamacare waiver that his constituents don’t get, he wouldn’t be John Q. Congressman much longer. What’s an aristocrat to do?

Contact your congressman and tell him or her to immediately introduce legislation MANDATING that all members of Congress and their staff adhere to the 0bamacare law TO THE LETTER. See who’s got a pair.

CurtZHP on August 7, 2013 at 5:05 PM

All is well

Chuck Schick on August 7, 2013 at 5:05 PM

Why do they need any of this? Tell people to buy their own expletive insurance, and don’t collect personal data. What the expletive are they doing? This is make work for D.C. bureaucrats, who spent 24K for a 4K discount on a new car in Cash for Clunkers. Fire them all. Send them home. The government doesn’t have to do anything, just decree that you should buy insurance and have the IRS start checking randomly. No secret info is needed.

Fleuries on August 7, 2013 at 5:06 PM

OT: CNN Chief’s 14 Year-Old Son Put On Board of Cory Booker Online Start Up, plus millions $$$ in stock options

faraway on August 7, 2013 at 5:06 PM

My, grandma, what big security gaps you have!

“The better to Renew you with.” -Sebelius

Steve Eggleston on August 7, 2013 at 5:06 PM

There is something very perturbing in this picture.

Schadenfreude on August 7, 2013 at 5:07 PM

CurtZHP on August 7, 2013 at 5:05 PM

From what I understand, O has already done the exemption —REPORT: President personally negotiated Obamacare exemption for Congressional staffers…

REUTERS: The fix is in…Drudge

CoffeeLover on August 7, 2013 at 5:08 PM

This whole thing makes me sick to my stomach. And the GOP leadership through this whole mess … It is like having an arsonist start fire to your house, you call the fire department to come put it out while it is still possible, and when they show up, they stand around and have cocktails with the perpetrator.

Whiterock on August 7, 2013 at 5:12 PM

…as long as they ‘talk about it’…it has been accomplished!…what the he11 is wrong with you people?

KOOLAID2 on August 7, 2013 at 5:17 PM

Obama to hackers: “Wait til we turn it on, to see what’s in it”

faraway on August 7, 2013 at 5:20 PM

******************** TYPICAL **************************!!!

canopfor on August 7, 2013 at 5:22 PM

These are not the droids you’re looking for.

Philly on August 7, 2013 at 5:29 PM

These mofos make me SICK! Everyday is a new violation to my person, freedom, purse and well-being. Fire them all and if there is no one in Congress the day after the November 2014 elections, so be it. Gods but these people are brazen. They make Marie Antoinette look like the soul of charity and her husband the soul of fiscal restraint.

totherightofthem on August 7, 2013 at 5:33 PM

This whole thing makes me sick to my stomach. And the GOP leadership through this whole mess … It is like having an arsonist start fire to your house, you call the fire department to come put it out while it is still possible, and when they show up, they stand around and have cocktails with the perpetrator.

Whiterock on August 7, 2013 at 5:12 PM

Hell, it’s like the Fire Department is the arsonist.

totherightofthem on August 7, 2013 at 5:33 PM

This is basic stuff. If this were a private business, everyone would be reporting them to the Consumer Financial Protection Bureau, and with good reason.

Heck, who cares if it’s not a private business? It’s still an issue of consumer protection. Why not use Elizabeth Warren’s pet idea for some actual good – embarrass the Feds by reporting one branch to another. Then let House hearing descend on the complaints reported and publicize it even wider.

http://www.consumerfinance.gov/complaint/

They don’t have an option for “Federal boondoggle screwup” but perhaps it could be considered a credit reporting or money transfer issue.

The site has a nice little mention of analyzing data and reporting to Congress:

Complaints help with our work to supervise companies, enforce federal consumer financial laws, and write better rules and regulations. We also report to Congress about the complaints we receive and post some consumer complaint data.

Jill1066 on August 7, 2013 at 5:36 PM

…no plan for beta testing— a preliminary step during which a small number of users gain access to a new technology to help programmers work out bugs.

You’d almost think Microsoft was involved.

slickwillie2001 on August 7, 2013 at 5:50 PM

None of this should be a surprise to anyone….

What part of you the NSA will let live, the HHS will kill off.

Schadenfreude on August 7, 2013 at 4:54 PM

Let’s not let the IRS have a pass from this either…or the CFPB for that matter too….

We’re running full speed into a solid brick wall of immense proportions because some fundamental miscalculations being made by the progressive / big government pinheads behind Obamacare, Dodd/Frank, and the Progressive Agenda.

First, there are absolutely no incentives for the federal government to be effective, efficient, accountable, or responsive for any of their actions. There are no competitive forces on the federal government to be productive, efficient, and economical. The federal government will not bear any of the ramifications for their inefficiencies, lack of productivity, lack of economic competitiveness, or lack of security / protection of the information they hold. To the progressive / big government types, we the people exist to support the government, not the other way around. So without those incentives, the federal government will not be customer focused or efficient / effective.

Second, progressivism has in its roots the theoretical discussion and philosophy around the relationship of government and the governed. They believe all rights exist because of government – and that government is the necessary glue to hold society together. All of these programs are designed / voted for / enacted because progressives believe they will work regardless of reality. This is no different from those who talk about the use of military force – but fail to understand or accept the realities of logistics towards the projection of military force. All of these big government programs like ACA, Dodd/Frank have little to no real ‘logistical’ thought applied to how things really work.

Third, while all of these programs significantly advance big government / bigger government – they do not represent the desired end state goal of the progressive liberal fascists. They are designed and intended to fail because they are ‘interim’ steps between what existed before and the ‘ideal end state’. They are intended to ‘fix’ problems – but in reality are designed to break the system (Cloward / Piven) leaving the ‘ideal end state’ as the only acceptable option that will ‘work’. The complexity and amount of data to be managed is designed to fail / be insecure – because the government lacks complete power, control, and authority. The solution is to give the government complete power, control, and authority. (And even this will still fail – just look at how often our enemies (China, Russia, DPRK, and Anonymous / Wikileaks) can compromise our systems and data.)

Athos on August 7, 2013 at 5:52 PM

Bayam???

Resist We Much on August 7, 2013 at 5:58 PM

Gee, it’s almost like no one could see this coming.

Spit.

pambi on August 7, 2013 at 6:04 PM

As much as I would like to, I don’t believe that anything will derail the Obamacare train. And I don’t trust a single conservative prediction of problems with its deployment because of, you know, the 2012 Presidential election. That was the last time I bought any conservative political prediction.

The only way this monster will be destroyed is to tear it out root and branch after the 2016 elections if we manage to beat the cheating Democrats and the entire media machine. Whoever we elect will have to be tough minded enough to do whatever is necessary to get rid of it and put something sensible in its place.

Texene on August 7, 2013 at 6:14 PM

..probably hired the same IT guys who rolled out ORCA, the GOP 2012 Election Night[mare] software.

I got a good idea: let’s beta-test on the deadline; that should be fun!

The War Planner on August 7, 2013 at 7:05 PM

Obamacare reminds of the movie “Aliens”, where things go from bad to worse to dire to impossible.

Hudson: “Well that’s great, that’s just f****n’ great, man. Now what the f**k are we supposed to do? We’re in some real pretty sh*t now man..”.

Ripley: “I say we take off and nuke the entire site from orbit. It’s the only way to be sure.”

MichaelGabriel on August 7, 2013 at 7:29 PM

T R A I N W R E C K ! ! !

GarandFan on August 7, 2013 at 7:34 PM

Choke, you pigs.

Schadenfreude on August 7, 2013 at 7:56 PM

“navigators”

Wonder if they have a good laugh when they come up with these Marxist euphemisms, or are they solemnly in awe of their perceived brilliance?

Dr. ZhivBlago on August 7, 2013 at 11:52 PM

As much as I would like to, I don’t believe that anything will derail the Obamacare train. And I don’t trust a single conservative prediction of problems with its deployment

Texene on August 7, 2013 at 6:14 PM

Me neither. This is, after all, the administration of “we have to pass it to find out what’s in it.” They don’t really care what kind of trainwreck it is or how much damage it will do.

Sterling Holobyte on August 8, 2013 at 12:17 PM