Attention

The opinions expressed by columnists are their own and do not represent our advertisers

Monday, January 25, 2016

Judicial Watch: Healthcare.gov Had No ‘Authorization to Operate’

(Washington, DC) – Judicial Watch has released over 1,000 pages of new documents that show federal health care officials knew that the Obamacare website, when it launched in 2013, did not have the required “authorization to operate” (ATO) from agency information security officials. These documents, obtained from the U.S. Department of Health and Human Services (HHS), come in two productions of records:  a 143-page production and an 886-page production.  The email records reveal that HHS officials had significant concerns about the security of the Healthcare.gov site leading up to its October 1, 2013, launch.

Judicial Watch obtained the HHS documents in response to a court order in a Freedom of Information Act (FOIA) lawsuit (Judicial Watch v. U.S. Department of Health and Human Services (No. 1:14-cv-00430)).  The lawsuit was filed in March 2014, after HHS failed to respond to a December 20, 2013, FOIA request seeking the following information:

    All records related to the security of the healthcare.gov web portal including, but not limited to, studies, memoranda, correspondence, electronic communications (e-mails), and slide presentations from January 1, 2012 to the present.

On September 21, 2013, 10 days before the launch of the Obamacare website, Centers for Medicare and Medicaid Services (CMS) Information Security Officer Tom Schankweiler discussed with Deputy Chief Information Officer Henry Chao 17 initial “moderate” security issues findings and two “high” security issues. 

Two high findings and 3 moderate findings were resolved, according to the documents.  The emails also show that a separate security analysis found 17 “high” security issues, prompting Chao to ask, “What are we actually signing off on…?” 

Schankweiler responded that the numerous security issues resulted in CMS Security Officer Teresa Fryer’s refusing to approve the “ATO” (Authorization to Operate), something he indicated he found out belatedly.

The documents also show that on September 30, 2013, the day before the website launch, Blue Canopy, a contractor that was testing the security of the Healthcare.gov system, reported that the “parsing engine did not properly handle specially crafted messages.” The vendor added, “As a result, consumption of these messages would cause the service to crash.”

Over six weeks later, a November 6, 2013, email to colleagues George Linares, the acting chief technology officer of CMS, said that Healthcare.gov “is operating without an ATO [Authorization to Operate].”  Further, he added, “Operating without an ATO is a serious issue and it represents a high risk to the agency.”

More here

7 comments:

Anonymous said...

Is there anywhere within government, any government, that corruption isn't rampant today? 'In your face' rampant, I'll add. Seems they're ALL saying, "So what., no one's gonna do anything. And besides, I've already got mine."
It truly is sickening.

Thornton Crowe said...

If you read the Judicial Watch article in total, it is staggering that more outcry has not resulted in these breaches of privacy perpetrated by the healthcare.gov website. In a time where identity theft is at its all-time highest - and the criminal justice system's inability to bring most identity thieves to justice, it is atrocious the government would put privacy as a cursory concern just to launch some propagandize, unconstitutional system without thought to its far-reaching repercussions.

Anonymous said...

everyone was warned NOT to sign up with this corrupt, non-secure, broken down system. so sorry many didn't heed the warnings...

Anonymous said...

OMG. Give it a rest. By every FACTUAL measure, the ACA is a huge success despite the continued efforts by some to eliminate it. Face it. 15 million people enrolled. It's here to stay.

Anonymous said...

2:52
I don't think it is such a success. My once decent insurance is now worth crap. I still pay the same as I did before however now I have to pay a $2,000 deductible per person. We can't afford to even go to the doctor anymore. All that money we pay each month for nothing. Oh wait, not nothing it goes to pay for leeches like you. 15 million people signed up because they were MADE to sign up. The ones that did it willing are the ones that are getting it for free. I guess that is what makes you so happy getting something for free. Well it is not free we have to pay for it.

lmclain said...

2:52 You cannot be, with any plausible explanation, that incredibly stupid.
If so, please tell the rest of us where our promised (by your savior, obama, on national TV) "$2500 in savings" is.....
Tell me how my insurance premiums keep going up, up, up and why my deductibles keep going up, too. Not going to happen, said obama. Guess what?
Tell us how so many millions of Americans who HAD good health insurance can no longer afford to use it.
Tell us how the hackers in Ukraine have gobbled up the millions of records that the ACA so carelessly exposed (even after they were told it had about as much "security" as an abandoned house in Detroit).
Your memory is so short (or nonexistent) that you don't recall the people who designed the ACA being caught ADMITTING the ACA was a "scheme" that American voters were "too stupid" to see or understand. AND, they COUNTED ON that stupidity.
And your "leaders" (you think they are glorious savants, the rest of us think they are criminally incompetent) didn't even know themselves (disregard the fact that it was THEIR JOB to know....) what was in that bill and proved it when they said they "had to pass it to find out what was in it" (??!).
THIS is something your sing the praises for? ADMIRE it?
Get off your knees and wipe your mouth off.

Anonymous said...

Yeh!! what Imclain said