Publisher's Note: One of the most significant things you can do to promote Liberty is to support our mission. Please make your gift to the 2024 Year-End Campaign today. Thank you! —Mark Alexander, Publisher

January 28, 2016

Healthcare.gov Fail

When James Madison argued in favor of a representative republic over a direct democracy in the Federalist Papers, he was most concerned about the emergence of political factions that would marginalize average citizens. But Madison’s constitutional arrangement presumed that elected representatives would exercise firm control over public policy decisions. Over past few decades, those elected representatives have surrendered policy making decisions to unaccountable, cumbersome, incompetent administrative agencies. Exhibit A: The U.S. Department of Health and Human Services (HHS).

When James Madison argued in favor of a representative republic over a direct democracy in the Federalist Papers, he was most concerned about the emergence of political factions that would marginalize average citizens. But Madison’s constitutional arrangement presumed that elected representatives would exercise firm control over public policy decisions. Over past few decades, those elected representatives have surrendered policy making decisions to unaccountable, cumbersome, incompetent administrative agencies. Exhibit A: The U.S. Department of Health and Human Services (HHS).

Just a few days ago we released over 1,000 pages of new documents that show Obama administration health care officials knew the Obamacare website, when it launched in 2013, did not have the required “authorization to operate” (ATO) from agency information security officials. These documents, obtained from the U.S. Department of Health and Human Services (HHS), come in two productions of records: a 143-page production and an 886-page production. The email records reveal that HHS officials had significant concerns about the security of the Healthcare.gov site leading up to its October 1, 2013, launch.

Unless Congress steps up to restore Madison’s representative republic, it falls to groups like JW to look out for the public interest against federal leviathan that is dangerously out of control.

We obtained the HHS documents in response to a court order in a Freedom of Information Act (FOIA) lawsuit. The lawsuit was filed in March 2014, after HHS failed to respond to a December 20, 2013, FOIA request seeking the following information:

All records related to the security of the healthcare.gov web portal including, but not limited to, studies, memoranda, correspondence, electronic communications (e-mails), and slide presentations from January 1, 2012 to the present.

On September 21, 2013, 10 days before the launch of the Obamacare website, Centers for Medicare and Medicaid Services (CMS) Information Security Officer Tom Schankweiler discussed with Deputy Chief Information Officer Henry Chao 17 initial “moderate” security issues findings and two “high” security issues. Two high findings and three moderate findings were resolved, according to the documents. The emails also show that a separate security analysis found 17 “high” security issues, prompting Chao to ask, “What are we actually signing off on…?” Schankweiler responded that the numerous security issues resulted in CMS Security Officer Teresa Fryer’s refusing to approve the “ATO” (Authorization to Operate), something he indicated he found out belatedly.

The documents also show that on September 30, 2013, the day before the website launch, Blue Canopy, a contractor that was testing the security of the Healthcare.gov system, reported that the “parsing engine did not properly handle specially crafted messages.” The vendor added, “As a result, consumption of these messages would cause the service to crash.”

Over six weeks later, a November 6, 2013, email to colleagues George Linares, the acting chief technology officer of CMS, said that Healthcare.gov “is operating without an ATO [Authorization to Operate].” Further, he added, “Operating without an ATO is a serious issue and it represents a high risk to the agency.”

Does it not outrage you that the “risk to the agency” is the chief concern?! We all know that Obamacare puts our health care — as you knew it — in jeopardy. It also puts our privacy and security in danger.

In a separate November 6, 2013, memo sent a month after the initial website launch, as HHS prepared for a relaunch, CMS security testing contractor Adam Willard warned CGI Federal programmer Balaji Ramamoorthy, “it is possible for anyone to run a brute force [attack] against Healthcare.gov to obtain the results of their eligibility.” (CGI Federal the Canadian-owned IT contractor hired by CMS to oversee most of the Healthcare.gov website development. The Obama administration announced in January 2014 that it was replacing CGI Federal and hiring Accenture at a cost of $90 million. Don’t cry for CGI, as it continues to get billions in federal contracts.)

Perhaps the most telling indications of security officials’ serious misgivings about the security of the Obamacare website, even after its launch, were the HHS roll call manifests providing information about attendance and actions at meetings to discuss whether to proceed with a relaunch of the site. Schankweiler, the key information security official, did not attend a November 2013 meeting to discuss deployment of a new version of Healthcare.gov and did not send a representative in his place. As he was not present, Schankweiler, representing “Security,” is listed as the only official not voting (either yes or no) to approve the Healthcare.gov “promotion” or relaunch.

Sure enough, a few weeks after this meeting, on November 26, Schankweiler reiterated pressing security issues to CMS official Todd Couts: “I would like to escalate this ticket to high risk on the defect list. I know that a bunch of security risk have recently appeared on the list, but I wanted to let you know this one is considered a high priority.”

This Judicial Watch FOIA litigation previously uncovered that top CMS officials knew of massive security risks with Healthcare.gov before its launch and deliberately chose to rollout the website without resolving the problems. We also released “Sensitive Information — Special Handling” memos sent from CMS to Mitre Corporation, the Healthcare.gov security testing company, in which CMS rated “political … damage” and “public embarrassment to CMS” as factors in defining “Risk Rating” priorities. Judicial Watch also uncovered the previously secret involvement of the Department of Homeland Security in the Obamacare site and how the Obama White House further weakened privacy protections of Healthcare information on the Healthcare.gov website.

No wonder it took a federal court order to force out these new Obamacare scandal documents. The documents show the Obama administration cast aside the rules and knowingly allowed its Obamacare website to put the most private health care information of millions of Americans at risk.

The Obama administration is prosecuting private companies for the same security lapses it knowingly allowed with its own Healthcare.gov.

Will Justice Department prosecutors now investigate the Obamacare website security scandal?

In the meantime, Americans, thanks to JW — not Congress or the Big Media — now have been warned about the high risk of using Healthcare.gov.

We are all jeopardy in the age of Obama.

Who We Are

The Patriot Post is a highly acclaimed weekday digest of news analysis, policy and opinion written from the heartland — as opposed to the MSM’s ubiquitous Beltway echo chambers — for grassroots leaders nationwide. More

What We Offer

On the Web

We provide solid conservative perspective on the most important issues, including analysis, opinion columns, headline summaries, memes, cartoons and much more.

Via Email

Choose our full-length Digest or our quick-reading Snapshot for a summary of important news. We also offer Cartoons & Memes on Monday and Alexander’s column on Wednesday.

Our Mission

The Patriot Post is steadfast in our mission to extend the endowment of Liberty to the next generation by advocating for individual rights and responsibilities, supporting the restoration of constitutional limits on government and the judiciary, and promoting free enterprise, national defense and traditional American values. We are a rock-solid conservative touchstone for the expanding ranks of grassroots Americans Patriots from all walks of life. Our mission and operation budgets are not financed by any political or special interest groups, and to protect our editorial integrity, we accept no advertising. We are sustained solely by you. Please support The Patriot Fund today!


The Patriot Post and Patriot Foundation Trust, in keeping with our Military Mission of Service to our uniformed service members and veterans, are proud to support and promote the National Medal of Honor Heritage Center, the Congressional Medal of Honor Society, both the Honoring the Sacrifice and Warrior Freedom Service Dogs aiding wounded veterans, the Tunnel to Towers Foundation, the National Veterans Entrepreneurship Program, the Folds of Honor outreach, and Officer Christian Fellowship, the Air University Foundation, and Naval War College Foundation, and the Naval Aviation Museum Foundation. "Greater love has no one than this, to lay down one's life for his friends." (John 15:13)

★ PUBLIUS ★

“Our cause is noble; it is the cause of mankind!” —George Washington

Please join us in prayer for our nation — that righteous leaders would rise and prevail and we would be united as Americans. Pray also for the protection of our Military Patriots, Veterans, First Responders, and their families. Please lift up your Patriot team and our mission to support and defend our Republic's Founding Principle of Liberty, that the fires of freedom would be ignited in the hearts and minds of our countrymen.

The Patriot Post is protected speech, as enumerated in the First Amendment and enforced by the Second Amendment of the Constitution of the United States of America, in accordance with the endowed and unalienable Rights of All Mankind.

Copyright © 2024 The Patriot Post. All Rights Reserved.

The Patriot Post does not support Internet Explorer. We recommend installing the latest version of Microsoft Edge, Mozilla Firefox, or Google Chrome.