Security problems reported at the U.S. government's troubled HealthCare.gov are overblown because security testing has been ongoing for months, the secretary of the U.S. Department of Health and Human Services said Wednesday.
HHS Secretary Kathleen Sebelius defended security measures at the troubled health insurance shopping website, telling U.S. lawmakers that security measures are in place, despite a CNN report on a department memo Sept. 27 outlining security concerns with the website.
Representative Mike Rogers, a Michigan Republican, questioned if HHS and its contractors were testing new code being added to the website as they try to fix the many technical problems at HealthCare.gov. Many people have been unable to navigate the website, launched as part of health insurance reforms under the Affordable Care Act, commonly called Obamacare, or to complete applications for health insurance during its first weeks.
"Have any end-to-end security tests been conducted since HealthCare.gov went live?" he asked during a hearing of the House of Representatives Energy and Commerce Committee. "I can tell you they [have] not, and I'd be interested in why not."
"My understanding is there is continuous testing," Sebelius said. "I will find out what testing is being done. I know they're doing simultaneous testing as new code is loaded." Contractor Mitre is responsible for security testing, she said.
During the often contentious hearing, Sebelius faced tough questions from lawmakers, with some demanding to know who was responsible for the malfunctioning website. Sebelius apologized for the performance of HealthCare.gov, saying she took personal responsibility for the widespread problems with the website, launched this month to help U.S. residents shop for health insurance.
Representative Marsha Blackburn, a Tennessee Republican, called the website rollout a "debacle."
"Hold me responsible for the debacle," Sebelius said.
Blackburn pointed to error messages on HealthCare.gov over the weekend and again Wednesday morning. The website is one of the main ways for U.S. residents to shop for new health insurance plans offered through Obamacare.
The recent website outages were due to a problem at cloud services provider Verizon Communications, Sebelius said.
"You're now blaming it on the contractors," Blackburn responded.
Sebelius said she wasn't trying to place blame, but to explain the problems.
Access to HealthCare.gov has been a "miserably frustrating experience," for many U.S. residents wanting to shop for health insurance, Sebelius said earlier in the hearing. "Let me say directly to these Americans, you deserve better. I apologize. I'm accountable to you for fixing these problems."
Sebelius repeated estimates that the website would be working for the majority of users by the end of November. The team working on the site is making improvements every day, she said, but there remains much work to do.
Asked how U.S. residents should have confidence in that date when HHS officials promised the website would work on Oct. 1, Sebelius said taxpayers will have to watch the progress. "I know there's no confidence in that date until we deliver on that date," she said. "That's on me."
While the committee billed the hearing as focused on HealthCare.gov, much of the discussion veered toward more general criticisms by Republicans of the Affordable Care Act, a massive overhaul of the U.S. health insurance industry.
Many Republican lawmakers cited reports of U.S. residents having their current health insurance plans canceled, despite promises from President Barack Obama that people could keep plans they liked. Insurance companies are canceling some coverage because the plans don't meet the law's requirements and affected people will be able to buy new insurance plans through the government-run marketplaces, with many people saving money with the new plans, Sebelius said.
Some Democrats said it's ironic that Republicans are now concerned about the website performance when they've voted unsuccessfully dozens of times to repeal Obamacare. "They're rooting for it to fail," said Representative Eliot Engel, a New York Democrat.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is email@example.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.