Great news: Company in charge of fixing Healthcare.gov got federal rebuke for lax security

posted at 9:21 am on November 1, 2013 by Ed Morrissey

How does the White House restore confidence in the effort to fix a web portal on which they spent $400 million and 42 months?  Apparently, it involves bringing in the same people who had to fix things after their previous substandard deliveries, too.  QSSI, which just got the job of being prime contractor on the Healthcare.gov “tech surge,” spent the summer dealing with an HHS Inspector General report that slammed the company for allowing easy access to millions of Medicare accounts (via Jeff Dunetz):

A contractor heavily involved in repairing HealthCare.gov was previously criticized for endangering the personal data of more than 6 million government beneficiaries through insufficient security controls.

Lax data safety at Quality Software Services, Inc. (QSSI) was deemed a “high” risk in a June probe by federal investigators that revealed the company had failed to stop its employees from connecting unauthorized USB devices to highly sensitive Medicare systems.

The June report by the Health and Human Services (HHS) inspector general revealed that QSSI’s inaction allowed workers to connect unsanctioned devices such as iPods to 29 out of the 30 workstations studied, all of which had access to millions of Medicare patients’ personal data.

The unhindered access to USB ports raised the possibility that workers could have introduced malware to Medicare’s systems or “inappropriately accessed” personally identifiable details, the report stated.

The information of more than 6 million Medicare beneficiaries was at “greater risk from malware, inappropriate access or theft” as a result, wrote HHS assistant inspector general Kay Daily.

It’s not the first time that security issues have arisen in the Healthcare.gov project.  Even before the rollout, Attorneys General from several states raised red flags about the security of the site, concerns corroborated by an earlier IG report alerting HHS to a lack of testing on those areas of the website.

This morning, CBS News host Charlie Rose asked analyst John Dickerson was asked what the White House could do to “get on top” of the ObamaCare story.  “Well, I think he gets on top of this by having a website that actually works,” Dickerson replied. They might try finding contractors who have a track record of actual success in delivery and security, too. That might begin by getting rid of the people who chose these same contractors in the first place, and who squandered $400 million and 42 months to deliver incompetence, and possibly worse. But in the end, Dickerson makes it clear that the White House won’t “get on top” of the story as long as they keep lying about their earlier lies:


Related Posts:

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

FOUR!

Tilly on November 1, 2013 at 9:29 AM

This morning, CBS News host Charlie Rose asked analyst John Dickerson was asked what the White House could do to “get on top” of the ObamaCare story. “Well, I think he gets on top of this by having a website that actually works,” Dickerson replied.

Too bad some smart aleck working the controls at CBS wasn’t able to add this sound effect immediately after Dickerson’s response and with the camera back on Rose.

http://www.youtube.com/watch?v=khSIYmTzt6U

BuckeyeSam on November 1, 2013 at 9:30 AM

TOP MEN!

antipc on November 1, 2013 at 9:30 AM

We will not comply.

pambi on November 1, 2013 at 9:32 AM

Cue the music, please.

http://www.youtube.com/watch?v=MK6TXMsvgQg

Bishop on November 1, 2013 at 9:35 AM

His credibility is zero.

This doctor and hospital change is just one more aspect.

OT: It’s a shame that Norah O’Donnell is such a liberal nitwit. She really is yummy.

Regarding Obama’s polling, I heard that the recent polling concluded October 28. So it’s not taking into account the cancellations and the more recent word for employees with employer-provided insurance to watch out and word about limits on doctors and hospitals. I can’t wait for families to get together over Thanksgiving to trade stories about how they’re getting screwed or how they will be getting screwed. Although that might be offset by all the new Medicaid enrollees sitting down to some Thanksgiving dinner that some food bank probably provided, I think the working class is going to take a long, hard look at what Medicaid expansion is costing them and theirs.

BuckeyeSam on November 1, 2013 at 9:39 AM

The Period(.) President.

mjbrooks3 on November 1, 2013 at 9:42 AM

I can’t wait for families to get together over Thanksgiving to trade stories about how they’re getting screwed or how they will be getting screwed.
BuckeyeSam on November 1, 2013 at 9:39 AM

My wife made the same point the other night. Just wait for the Christmas retail numbers to start coming out.

This isn’t going to be pretty.

CTSherman on November 1, 2013 at 9:50 AM

INCOMPETENCE is a hallmark of this administration. Why should it change now?

GarandFan on November 1, 2013 at 9:53 AM

This is classic cronyism in action. Giving no bid contracts to people who bundled the most money for Obama and watching them fail at everything they touch.

The results are exactly what any sane rational person would expect. Good thing Obama isn’t rational.

Johnnyreb on November 1, 2013 at 10:05 AM

Just put the ruddy source code up on Reddit and be done with it, you’d get a higher quality and quicker result.

ExPat on November 1, 2013 at 10:35 AM

Meh. Supposedly Google is riding to rescue Obama, along with a few other tech companies (I note that apparently Apple didn’t join in, somewhat surprisingly). I would imagine that Google’s engineers will probably whip it together at some point. Not sure by the end of November though.

Vanceone on November 1, 2013 at 11:24 AM

Apparently, it involves bringing in the same people who had to fix things after their previous substandard deliveries, too. QSSI, which just got the job of being prime contractor on the Healthcare.gov “tech surge,” spent the summer dealing with an HHS Inspector General report that slammed the company for allowing easy access to millions of Medicare accounts (via Jeff Dunetz):

That’s not a bug, it’s a feature. They can “fix” the website a lot faster if they quit worrying about intangibles like, you know, security, privacy, a working backend, etc.

There Goes the Neighborhood on November 1, 2013 at 8:14 PM