Henry Chao, HealthCare.gov’s Chief Project Manager at CMS Says He Never Saw Memo Uncovered Warning Of “Limitless” Security Risks Of Obamacare Website

The roll-out of Obamacare has gone from complete incompetence to a full blown scandal …

CBS BOMBSHELL …

Henry Chao, HealthCare.gov’s chief project manager at CMS  in charge of building the federal health care website  testified for nine hours behind closed doors to the House Oversight Committee in advance of this week’s hearing that he was kept in the dark about serious failures in the website’s security. Chao stated that he was unaware of a September 3 government memo written by another senior official at CMS that found two high-risk issues. In fact he testified that he had been told just the opposite. Chao is the individual who gave the go ahead for Healthcare.gov to go live on October 1, 2013; however, it appears that the person in charge of the project was kept in the dark. Chao testified that it was the first time he saw any such memo that said “the threat and risk potential (to the system) is limitless. When asked whether he was surprised he never saw any such memo he replied, “Yeah … I mean, wouldn’t you be surprised if you were me? It is disturbing. I mean, I don’t deny that this is … a fairly nonstandard way” to proceed.

Obamacare_memo2

How does somebody not tell the project manager of system vulnerability findings? Someone is either lying or purposely set out to mislead to make sure this was implemented on time irregardless of the risks. The real question is did the Obama administration know this and were they directing the implementation be on time at all cost? Sorry folks, I am a healthcare project manager and I have never heard of anything like this. Heads would roll if anything remotely like this occurred.

“What I recall is what the team told me, is that there were no high findings,” he said.

Chao testified security gaps could lead to identity theft, unauthorized access and misrouted data.

According to federal guidelines, high risk means “the vulnerability could be expected to have a severe or catastrophic adverse affect on organizational operations … assets or individuals.”

Obamacare_memo3

The author of the security memo in question, Tony Trenkle, retired from CMS last week. Hmm, so did he retire, did he just have enough, or was he forced out?

The CIO for the Centers for Medicare & Medicaid Services, Tony Trenkle, is leaving CMS, the agency embroiled in the ill-fated rollout of government’s Healthcare.gov insurance marketplace website.

Trenkle, who directs CMS’s Office of Information Services and oversees $2 billion in annual IT spending at CMS, is departing effective Nov. 15 to take an undisclosed position in the private sector. His departure was announced in an internal agency memo released today from by CMS chief operating officer Michelle Snyder.

Must see VIDEO that ALL  should watch of the risk that Obama and his minions put “We the People” in by accessing Healthcare.gov to the “Limitless” Security Risks

CBS News:

CBS News has learned that the project manager in charge of building the federal health care website was apparently kept in the dark about serious failures in the website’s security. Those failures could lead to identity theft among buying insurance. The project manager testified to congressional investigators behind closed doors, but CBS News has obtained the first look at a partial transcript of his testimony.

Henry Chao, HealthCare.gov’s chief project manager at the Centers for Medicare and Medicaid Services (CMS), gave nine hours of closed-door testimony to the House Oversight Committee in advance of this week’s hearing. In excerpts CBS News has obtained, Chao was asked about a memo that outlined important security risks discovered in the insurance system.

Chao said he was unaware of a Sept. 3 government memo written by another senior official at CMS. It found two high-risk issues, which are redacted for security reasons. The memo said “the threat and risk potential (to the system) is limitless.” The memo shows CMS gave deadlines of mid-2014 and early 2015 to address them.

HIPAA Be Damned … Obamacare’s HealthCare.gov Users Warn of Security Risk, Breach of Privacy

What else could this disastrous web site possibly do wrong?

Obamacare’s Healthcare.gov website discloses eligibility letters written to other applicants. Hmm, thanks for the break of privacy of unsuspecting individuals who signed onto Healthcare.gov.  The security flaw disclosed eligibility letters addressed to individuals from another state. Just curious, was a data disclosure made to HHS in compliance with HIPAA privacy rules like many healthcare government contractors are supposed to do within a specified amount of time? Or do your own rules not apply to yourself?

As reported at The Weekly Standard, below is a screen shot of one of the “eligibility letters” he wasn’t supposed to receive.

Obamacare_eligibility letters

From The Foundry:

Justin Hadley logged on to HealthCare.gov to evaluate his insurance options after his health plan was canceled. What he discovered was an apparent security flaw that disclosed eligibility letters addressed to individuals from another state.

“I was in complete shock,” said Hadley, who contacted Heritage after becoming alarmed at the breach of privacy.

Hadley, a North Carolina father, buys his insurance on the individual market. His insurance company, Blue Cross Blue Shield of North Carolina, directed him to HealthCare.gov in a cancellation letter he received in September.

After multiple attempts to access the problem-plagued website, Hadley finally made it past the registration page Thursday. That’s when he was greeted with downloadable letters about eligibility — for two people in South Carolina.

The document shows that administration officials at the Centers for Medicare and Medicaid Services were concerned that a lack of testing posed a potentially “high” security risk for the HealthCare.gov website serving 36 states.

Security Risk

Last week, the Associated Press disclosed a government memo revealing the “high” security risk for HealthCare.gov. Those concerns surfaced at Wednesday’s hearing with HHS Secretary Kathleen Sebelius, who claimed the system was secure.

HHS spokeswoman Joanne Peters told the AP, “When consumers fill out their online … applications, they can trust that the information they’re providing is protected by stringent security standards and that the technology underlying the application process has been tested and is secure.”

However, that didn’t stop members of Congress from voicing alarm.

“You accepted a risk on behalf of every user … that put their personal financial information at risk,” Representative Mike Rogers (R-MI) told Sebelius. “Amazon would never do this. ProFlowers would never do this. Kayak would never do this. This is completely an unacceptable level of security.”

Obama Administration Was Warned About Obamacare Health Care Website (Healthcare.gov) Was Not Ready to Go Live

The Obama administration was warned one month before the October 1 rollout date that the Obamacare web site, Healthcare.gov, was a no go. But as we now know, Healthcare.gov was launched any how and was a complete and total, embarrassing disaster.

And the problems were just a matter of time. For a “severe” and “high priority” problem, CGI warned that the company “does not have access to necessary tools to manage envs [environments] in test, imp,  and prod,” three stages of site development where the page is tested, improved and produced.

“Specifically (1) we don’t have access to central log collection / view (2) we don’t have access to monitoring tools,” the documents reads. “We have repeatedly asked CMS and URS but have not been granted this access.”

From CNN:

The Obama administration was given stark warnings just one month before launch that the federal healthcare site was not ready to go live, according to a confidential report obtained by CNN.

The caution, from the main contractor CGI, warned of a number of open risks and issues for the HealthCare.gov web site even as company executives were testifying publicly that the project had achieved key milestones.

On Capitol Hill on Tuesday, Medicaid Chief Marilyn Tavenner, whose job it was to oversee the October 1 rollout of the website, said she did not foresee its problems.

“No, we had tested the website and we were comfortable with its performance,” she said. “Now, like I said, we knew all along there would be as with any new website, some individual glitches we would have to work out. But, the volume issue and the creation of account issues was not anticipated and obviously took us by surprise. And did not show up in testing.”

Here are the docs from CGI.

Another Obamacare Fiasco … Data Center Used In the Online Sign-Up Process Failed Sunday

More from Barack Obama and the Gang that could not shoot straight …

A data center critical for allowing uninsured Americans sign up for Obamacare crashed Sunday. HHS was quick to blame some one else quickly stating that the on-line sign up process failed because the private contractor, Verizon’s Terremark, running the data hub experienced a “failure in the networking component that brought down network connectivity to the site.” Sorry, but it is the cumulative effect of the colossal failures of the rollout of the Obamacare website and it appears that it is still plagued with errors.

Obama_surprised

Not Again!!!

A data center critical for allowing uninsured Americans to buy health coverage under President Barack Obama’s health care law went down Sunday, halting online enrollment for all 50 states in the latest problem to hit the program’s troubled rollout.

The data center operated by Verizon’s Terremark experienced a connectivity issue that caused it to shut down, affecting the federal government’s already problem-plagued online marketplace Healthcare.gov and similar sites operated by 14 states and the District of Columbia, according to the U.S. Department of Health and Human Services (HHS).

Obama administration and company officials could not say how long it would take to fix the connectivity problem.

The Politico:

Visitors to the federal exchange were unable to access the website late Sunday. A spokeswoman for the Department of Health and Human Services said that’s because the private contractor running the data hub experienced a “failure in the networking component that brought down network connectivity to the site.”

“Today, Terremark had a network failure that is impacting a number of their clients including HealthCare.gov,” HHS spokeswoman Joanne Peters said in a statement. “Secretary Sebelius spoke with the CEO of Verizon this afternoon to discuss the situation and they committed to fixing the problem as soon as possible.”

HHS said the failure is likely affecting other sites besides just HealthCare.gov and the federal data hub.

Now HHS Secretary Kathleen Sebelius Blaming Republicans for Obamacare Website Failures

It appears that Sebelius has learned from the master Barack Obama in blaming everyone else for everything …

UNREAL, HHS Secretary Kathleen Sebelius is blaming Republicans for the lack of testing and the Obamacare website Healthcare.gov rollout failures. These people will take blame for nothing, including their own incompetence. It is just remarkable that these individuals in the federal government will not take responsibility for what they were the project managers and CEO over. When the contractors were questioned by the House this last week in committee hearings, many of them pointed blame back at the government.  Obama, Sebelius and the cronies that they gave the “no bid” contract to had three years to develop and implement the website. If Sebelius wants to blame anyone for the fact that she had a hard deadline of October 1 to go live, she has no one to blame but President Barack Obama. He delayed certain parts of Obama like the employee mandate, he well could have delayed the implementation date as well.

Everyone say along with us, GOP is to blame, GOP is to blame, GOP is to blame

Obama_Sebelius

click on pic to listen to video

From Fox Nation:

In an ideal world there would have been a lot more testing. We did not have the luxury of that with a law that said it’s go time on October 1st and frankly a political atmosphere where the majority party at least in the House was determined to stop this any way they possibly could including shutting down the United States government. So it was not an ideal atmosphere.

← Previous PageNext Page →

Support Scared Monkeys! make a donation.

 
 
  • NEWS (breaking news alerts or news tips)
  • Red (comments)
  • Dugga (technical issues)
  • Dana (radio show comments)
  • Klaasend (blog and forum issues)
 
 
 
 
 
 
 
Close
E-mail It