HHS Launched Obamacare Website With Known Security Concerns

Documents reveal the testing contractor recommended a denial to operate a month before website was launched


The Department of Health and Human Services launched the Obamacare website, Healthcare.gov, disregarding known security concerns, according to newly obtained documents from the watchdog group Judicial Watch.

Mitre Corporation, the testing contractor that evaluated Healthcare.gov, initially found there were security concerns surrounding the website.

"The documents reveal that Mitre recommended a ‘Denial Authorization to Operate' in the month prior to Obamacare's launch, noting that it could not adequately test the confidentiality and integrity of the system," Judicial Watch said. "It said that complete end-to-end testing of the system never occurred. Mitre found that 11 ‘moderate' security findings and 8 ‘low' findings remained open as of September 19, 2013—12 days before the launch."

Additionally, five days before the website was launched, an "Authorization to Operate" was not only unsigned but indicated the validation contractor was unable to test the system completely.

The new documents also reveal that officials at the Centers for Medicare and Medicaid Services had a press background briefer where they crossed out a line that said consumers could trust the security of the website and that it was compliant with the Federal Information Security Management Act.

In addition, Healthcare.gov's IT security chief Tom Schankweiler said that the agency was faced with either exposing personal identifiable information of consumers who used the site or having the website down for days.

"He also warns of a software problem causing a ‘high number of security and privacy incidents,'" Judicial Watch said. "Schankweiler's push to fix the problem was resisted by CMS official Rebecca Fender, who worried that the fix would take the Obamacare website down ‘for several days.'"

"Obamacare is corrupt, as we see further proof in these FOIA documents that sensitive health information on millions of Americans was put at risk," said Judicial Watch president Tom Fitton. "From its start, Obamacare was a project that its promoters were determined to inflict on us whether it was ready or not. And clearly it was not. Anyone who uses the Obamacare web site does so at great risk to their private information. Let this be a lesson for those in Washington who are now trying to clean up this mess."

Ali Meyer

Ali Meyer   Email Ali | Full Bio | RSS
Ali Meyer is a staff writer with the Washington Free Beacon covering economic issues that expose government waste, fraud, and abuse. Prior to the Free Beacon, she was a multimedia reporter with CNSNews.com where her work appeared on outlets such as Drudge Report and Fox News. She also interned with the Heritage Foundation and Pacific Research Institute. Her Twitter handle is @DJAliMeyer, and her email address is meyer@freebeacon.com.

Get the news that matters most to you, delivered straight to your inbox daily.

Register today!
  • Grow your email list exponentially
  • Dramatically increase your conversion rates
  • Engage more with your audience
  • Boost your current and future profits