Rogers: WH wouldn’t brief us on Healthcare.gov security gaps – even in closed session

posted at 10:01 am on December 3, 2013 by Ed Morrissey

Rep. Mike Rogers provides a cheery thought on personal security as the White House gears up to sell ObamaCare all over again.  Last night, he told Greta van Susteren that data security on Healthcare.gov didn’t even meet “minimal standards” for the industry. In terms of the “private-sector velocity and efficiency” claimed by the Obama administration over the last couple of days, Rogers says that experts warned him that they would be sued out of business if they rolled out a website with this many security gaps.

It’s so bad, Rogers warns, that the White House refused to brief Congress on the known risks and attacks that have already taken place — even in closed session.  “That’s just unconscionable,” Rogers says, especially when the same people who won’t brief them are cajoling people to put their identity information at risk:

Rogers echoed the concerns of David Kennedy, the former Marine Corps cyberwarfare expert who warned Congress last month to shut down Healthcare.gov until the security gaps were closed.  I linked it earlier, but here’s Kennedy explaining what Rogers says:

After warning Americans when testifying before Congress on Nov. 19 to stay away from Healthcare.gov, Kennedy now says the situation is even worse.

“They said they implemented over 400 bug fixes,” he said. “When you recode the application to fix these 400 bugs—they were rushing this out of the door to get the site at least so it can work a little bit—you’re introducing more security flaws as you go along with it because you don’t even check that code.”

“I’m a little bit more skeptical now, and I would still definitely advise individuals to not use the website because it’s definitely something that I don’t believe is secure and neither did the four individuals that testified in front of Congress,” Kennedy said. “I think there’s some major security concerns there around privacy and information, and they haven’t even come close to being addressed, and won’t be in the short term.”

Private-sector velocity and efficiency in this case would see people get canned, and an “Under Construction” graphic in place of the website’s home page.  This is a government operation through and through.


Related Posts:

Breaking on Hot Air

Blowback

Trackbacks/Pings

Trackback URL

Comments

So like wrapping a condom around the 486 wont work huh…

hillsoftx on December 3, 2013 at 10:06 AM

Not even a closed door meeting from the most open and transparent administration evah!!!

nwsseeker on December 3, 2013 at 10:06 AM

just wait for those who do sign up to get their credit report back!!!

nwsseeker on December 3, 2013 at 10:08 AM

“We have to pass it so that you can see what’s in it!”

GarandFan on December 3, 2013 at 10:10 AM

Are we like just two years behind Venezuela now. When do we run out of toilet paper and power goes out.

Oil Can on December 3, 2013 at 10:10 AM

Oh boy…tingles will be interviewing dear leader this week….I’m sure he’ll be asking those hard hitting questions about obamacare
/

cmsinaz on December 3, 2013 at 10:11 AM

Not even a closed door meeting from the most open and transparent administration evah!!!

nwsseeker on December 3, 2013 at 10:06 AM

But, but … Obama was going to put the ObamaCare bill-making deliberations on C-Span, total transparency, “and then, like, everybody could see what was going on, man”. *Obama takes another toke* “It would be TOTAL TRANSPARENCY, man. Hehehehehe. Dave? Dave? Dave’s not here, man.”

“The level of security on this website is not even up to minimal standards.”

Without my glasses I read this as:

“The level of security on this website is not even up to minimal animal standards.”

Paul-Cincy on December 3, 2013 at 10:13 AM

486? I’m pretty sure they rolled out ENIAC for this one….straight punchcards baby!….oh the nostalgia of IT Museum that is Healthcare.Gov

shortdawgdc on December 3, 2013 at 10:13 AM

When they can’t admit anything even under the saran wrap of a closed session you know it’s FUBARWHOF.

Bishop on December 3, 2013 at 10:14 AM

obama is going to be so very angry when he finds out his website has security gaps.

HumpBot Salvation on December 3, 2013 at 10:15 AM

the White House refused to brief Congress on the known risks and attacks that have already taken place — even in closed session

Most transparent administration EVAH!!

BacaDog on December 3, 2013 at 10:18 AM

Just pondering if a drone marked AMAZON might automatically lock in on Michelle working her vegetable garden.

Urban Cowbuck on December 3, 2013 at 10:19 AM

Are we like just two years behind Venezuela now. When do we run out of toilet paper and power goes out.

Oil Can on December 3, 2013 at 10:10 AM

If you stake lefties out in the sun for a few days, the dessicated wafers they become can be used in a firepit or as toilet paper, simply peel away what you need and stack it next to the toilet.

Bishop on December 3, 2013 at 10:19 AM

In government work this project would be labelled as “doomed to succeed.” That is, it’s a project with so many high powered reputations pushing it that mere results can’t be used when judging it.

Fred 2 on December 3, 2013 at 10:20 AM

I would try my luck registering at a PORN(as the most obvious example of shady private sector business) website before registering at healthcare.gov.

Mord on December 3, 2013 at 10:22 AM

“That’s just unconscionable,” Rogers says

Well then it’s a good thing that no one in this regime has a conscience.

rbj on December 3, 2013 at 10:23 AM

Somebody should’ve told Obama that in computing, it’s nothing to program the typical case. All the work goes into programming for the exceptional cases, a small part of which involves protecting against some wanker who tries to harvest personal data.

With all the regulations, the money, the human element, the public and private involvement, there’s no way in hell this will ever work. Obama, in charge of this bear of a computer project (“my” web site, LOL!), and he’s never been in charge of anything. Does he even know the difference between a bit and a byte.

Paul-Cincy on December 3, 2013 at 10:25 AM

Only an idiot would enter their PII into the Healthcare.gov website. I guess it is okay if you are one of the parasites that rushed to sign up because you probably don’t have much risk. But those young healthies that the system needs? I hope they aren’t so stupid as to even go to the website.

Happy Nomad on December 3, 2013 at 10:27 AM

It’s so bad, Rogers warns, that the White House refused to brief Congress on the known risks and attacks that have already taken place — even in closed session. “That’s just unconscionable,” Rogers says

Then you should be DEMANDING air time on every major news
network across this land to inform the General public of this
Congressman. You have more of an obligation to let the
American people know about this than simply going on
Fox News.

ToddPA on December 3, 2013 at 10:33 AM

With all the regulations, the money, the human element, the public and private involvement, there’s no way in hell this will ever work.

Paul-Cincy on December 3, 2013 at 10:25 AM

What are you talking about? It is already working. Millions of Americans who were unable to get health insurance before now have affordable good healthcare thanks to Obamacare. /

I liken the “fixes” to the Obamacare website akin to putting the concrete sarcophagus around Chernobyl’s nuclear reactors. The fact that the administration focuses on “user experience” is like painting a giant smiley face on the sarcophagus.

Happy Nomad on December 3, 2013 at 10:33 AM

Over at DailyKos.fantasy, it is all about how the healthcare.gov has turned the corner and is quite the success.

thuja on December 3, 2013 at 10:33 AM

“The level of security on this website is not even up to minimal standards.”
===========================================================================

Hmmm,…smacks of Job Creation for, …ObamaVoterBotFrauds!!!!
(sarc)

canopfor on December 3, 2013 at 10:36 AM

After warning Americans when testifying before Congress on Nov. 19 to stay away from Healthcare.gov, Kennedy now says the situation is even worse.

I read somewhere that when you go through the entire healthcare.gov process, there’s one step where you have to agree that you understand that “there is no reasonable expectation of privacy” when applying for insurance there. If true, you won’t be able to sue the government or even an insurer should your identity be stolen or your credit card info used by a hacker, etc.

TXUS on December 3, 2013 at 10:38 AM

I can’t to wait to see the ‘rat poll numbers after the first data breach.

And the second…

…and the third.

Feh… not even Satan could sell this turkey.

CPT. Charles on December 3, 2013 at 10:38 AM

Well then shouldn’t Congress & Rogers shut it down? It is unsafe, a hazard, about to collapse and maybe get people killed or maimed.

steveracer on December 3, 2013 at 10:39 AM

security gaps

Gaps? What “security gaps”?

You can’t have “gaps” in something that doesn’t exist.

davidk on December 3, 2013 at 10:40 AM

I liken the “fixes” to the Obamacare website akin to putting the concrete sarcophagus around Chernobyl’s nuclear reactors. The fact that the administration focuses on “user experience” is like painting a giant smiley face on the sarcophagus.

Happy Nomad on December 3, 2013 at 10:33 AM

It’s all a wonderful (or macabre, take your pick) metaphor for the Obama presidency, and Obama himself — a smiling public image that hides the lack inside of, of anything and everything. Like the loser or con man (take your pick) who maxes out his credit cards (national debt) to maintain his lifestyle, and then goes to his relatives to have them invest in some phony Ponzi/Madoff scheme (getting the middle class to pay for the “poor’s” health care).

/the Emperor’s back end is showing

Paul-Cincy on December 3, 2013 at 10:41 AM

With all the regulations, the money, the human element, the public and private involvement, there’s no way in hell this will ever work.

Paul-Cincy on December 3, 2013 at 10:25 AM

Loser, it worked for the War On Poverty; there are no more poor anywhere in America.

Read a book sometime and learn.

Bishop on December 3, 2013 at 10:42 AM

Can someone tell me why private insurance companies can’t sign up people that qualify for Obamacare subsidies and then bill the government directly for those subsidies maybe on a monthly basis?

Why do they insist that those needing subsidies go through the insecure and thoroughly broken government website?

slickwillie2001 on December 3, 2013 at 10:43 AM

It’s so bad, Rogers warns, that the White House refused to brief Congress on the known risks and attacks that have already taken place — even in closed session.
===============


Transparency eh!!!!!!!!!!!!!!!

canopfor on December 3, 2013 at 10:44 AM

With all the regulations, the money, the human element, the public and private involvement, there’s no way in hell this will ever work.

Paul-Cincy on December 3, 2013 at 10:25 AM

Loser, it worked for the War On Poverty; there are no more poor anywhere in America.

Read a book sometime and learn.

Bishop on December 3, 2013 at 10:42 AM

Don’t forget corruption. I expect that Democratics will corrupt Obamacare just as they have the IRS, FBI, NSA, etc. In the future, the complete health records of Republican candidates will be available to the DNC, just as Governor Romney’s tax records were.

They can’t help themselves, corruption is second nature to the proggies. Something about “anything for the cause”.

slickwillie2001 on December 3, 2013 at 10:46 AM

404Care.gov has run out of time. Site usage has to be metered, the accounting part isn’t even started yet, it can’t produce effective file communication with the insurers, and no one can assure themselves of coverage. The worst part is that all PI is open to the world, in violation of Hi-Tech Act and HIPAA. Every single time someone enters information into the site it constitutes a violation of law by HHS.

This is a mess beyond all messes. When the innocent people who have been harmed figure out what a cruel hoax this has been, the politicians who foisted this on the voters are going to be lucky to find hiding places.

MTF on December 3, 2013 at 10:47 AM

Loser, it worked for the War On Poverty; there are no more poor anywhere in America.

Read a book sometime and learn.

Bishop on December 3, 2013 at 10:42 AM

Bishop:

Oh dats a good one,…don’t you recall the 09′ Hope and Change
Night of the Great Book Burnings!!

Geez……(snark)–:0

canopfor on December 3, 2013 at 10:51 AM

What does this Republican obstructionist think we need security for. It’s just your identity and health records we are talking about.

oldroy on December 3, 2013 at 10:51 AM

Security should have been the very first priority for this website. Not to mention they haven’t even begun the shopping cart. Utter stupidity…

Pest on December 3, 2013 at 10:54 AM

Maybe it’s time for the media to write articles saying that it must be really bad if they’re not talking to them. That will smoke them out and come out on the record at the very least.

blammm on December 3, 2013 at 10:58 AM

With all the regulations, the money, the human element, the public and private involvement, there’s no way in hell this will ever work.

Paul-Cincy on December 3, 2013 at 10:25 AM

Loser, it worked for the War On Poverty; there are no more poor anywhere in America.

Read a book sometime and learn.

Bishop on December 3, 2013 at 10:42 AM

We are winning!

http://www.helpcurechildobesity.com/

We are losing!

http://feedingamerica.org/hunger-in-america/hunger-facts/child-hunger-facts.aspx

We are spending tons of money to figure it out!

http://www.cdc.gov/nchs/nhanes/nhanes2005-2006/FSQ_D.htm

Bottom line? A lot of people are making a lot of money exploiting children.

davidk on December 3, 2013 at 11:01 AM

Can someone tell me why private insurance companies can’t sign up people that qualify for Obamacare subsidies and then bill the government directly for those subsidies maybe on a monthly basis? …
slickwillie2001 on December 3, 2013 at 10:43 AM

I had proposed weeks ago (on HA with tongue-in-cheek) that this would be the stopgap-to-permanent solution. And reverting to a paper-based system would create jobs in the USPS and paper industry.

But I regret that either of us mentioned this. HHS is probably trolling this thread and considering the solution proposed in the first comment here. Let’s hope they chose that solution and don’t read any further.

Tsar of Earth on December 3, 2013 at 11:16 AM

This is a government operation through and through.

This is ‘close enough for government work’ through and through.

The Administration can’t brief Congress on the security of O’care, because for all practical purposes, it doesn’t have any security.

My question to Congressman Rogers and other senior Republican’s in the House Leadership is that this pattern of incompetence, obfuscation, lying, and disrespect towards Congress from this White House and Administration is nothing new. It’s been their SOP for nearly six years. Yet in all of that time, what have you done in your role as the Leaders of the House of Representatives to assert your Constitutional powers and role?

You whinge, you complain, but you still let them get away with it. You are as much of the problem as this Administration is.

Athos on December 3, 2013 at 12:46 PM

Get used to this happening more often….particularly around Obamacare…

Malware mishap makes for massive breach…

Some 90,000 University of Washington Medicine patients got a surprise this Thanksgiving, and it wasn’t a very good one.

This holiday surprise came in the form of patient notification letters divulging the details of a data breach which compromised their protected health information after an UW Medicine employee opened an email attachment containing malware.

The malware took control of the computer, which had patients’ data stored on it. Patient information may have included Social Security numbers or Medicare numbers, names, medical record numbers, dates of birth, dates of service, charge amounts for services received, addresses and phone numbers.

Since 2009, when the HIPAA privacy and security rules went into effect requiring HIPAA-covered entities notify HHS for breaches involving more than 500 individuals, some 27 million individuals have had their protected health information compromised.

This is with security in place. Obamacare doesn’t really have any security in place – nor was security a priority when the website was developed.

Athos on December 3, 2013 at 12:59 PM

I think the House should be slamming the brakes on every dollar its in their power to appropriate for the implementation of Obamacare, then go in front of We the People to explain exactly why, starting with this.

The place for Rep Rogers to have made this statement is on the White House lawn, not on the Greta show.

And if they wont let him speak in front of the WH, then go outside, chain yourself to the gate and say it.

Sacramento on December 3, 2013 at 1:41 PM

Well then shouldn’t Congress & Rogers shut it down? It is unsafe, a hazard, about to collapse and maybe get people killed or maimed.

steveracer on December 3, 2013 at 10:39 AM

The place for Rep Rogers to have made this statement is on the White House lawn, not on the Greta show.

And if they wont let him speak in front of the WH, then go outside, chain yourself to the gate and say it.

Sacramento on December 3, 2013 at 1:41 PM

It’s not even entirely clear to me who’s team Rep. Rogers plays for. He looked exceedingly shaky when pressed on the Benghazi situation by Megyn Kelly about two weeks ago (she called him out on a significant difference between his account of testimony and descriptions by fellow committee-member Devin Nunes).

If you don’t have the time to watch it all (worth doing) skip to about 8:25 and watch Rogers’ “deer in the headlights” response to Megyn casually dropping in the unusual fact that Amb. Stevens spoke to Rogers’ committee prior to “his murder” (which Rogers uneasily and awkwardly rephrases as “his passing”).

See if you don’t get very funny vibes from Rep. Rogers.

bofh on December 3, 2013 at 3:15 PM

There goes the liberal myth of their higher intelligence, as if only belief in government power certifies intelligence. Fools, blind fools.

arand on December 5, 2013 at 4:39 PM

Where can I get a T shirt that says “this is what a young healthy who refuses to sign up looks like”?

ardenenoch on December 6, 2013 at 12:16 AM