AP: More than two-thirds of state ObamaCare systems were initially rated “high risk” for cybersecurity
posted at 9:01 pm on February 25, 2014 by Erika Johnsen
Here’s a report to brighten your day/heighten your faith in the Obama administration’s oversight of their gargantuan overhaul of one sixth of our domestic economy: In those oh-so-harried days leading up to the ObamaCare open enrollment period, when administration officials were throwing together the components that would eventually lead to a very botched website rollout, there was a lot of concern about the pending network’s level of cybersecurity protection. Such a massive data hub that connects so many people’s sensitive medical and financial information was and is bound to be a target for hackers and fraudsters, and setting up adequate protections should be one of the administration’s most important goals.
As the Associated Press reports, that concern was even more justified than we thought it was. In order to connect with federal computers and access individuals’ information from the Social Security Administration, the IRS, Homeland Security, and etcetera, state and other outside systems have to undergo a security review and receive an “authority to connect.” Well.
Documents provided to The Associated Press show that more than two-thirds of state systems that were supposed to tap into federal computers to verify sensitive personal information for coverage were initially rated as “high risk” for security problems. …
The administration says the documents offer only a partial and “outdated” snapshot of an improving situation, and the security problems cited were either resolved or are being addressed through specific actions. No successful cyberattacks have taken place, officials say.
However, the issues detailed in documents and emails provided by the House Oversight and Government Reform Committee reveal broader concerns than the federal Health and Human Services department has previously acknowledged.
They show a frenzied behind-the-scenes juggling act by officials and contractors as the Oct. 1 deadline for new health insurance exchanges loomed. Instead of providing a showcase for President Barack Obama, the launch of his health care law became a case study in how big technology projects can go off the rails. …
The administration insists that there’s no evidence to suggest that any major cybersecurity problems have gone down so far (so I guess we’re not counting that malicious code that programmers in Belarus may-or-may-not have inserted into the system?) — and I suppose we can only trust that the Obama administration will make sure it stays that way. How reassuring.