WhatFinger

They were just so darned far behind...why not skip it entirely?

CBS: Obama administration granted itself a waiver to dodge final security testing on Healthcare.gov website

By Robert Laurie ——--November 5, 2013

American Politics, News | CFP Comments | Reader Friendly | Subscribe | Email Us

If you're in charge of a lawless administration plagued by scandals in which your NSA is spying on virtually every American with internet access, maybe you don't think "security" is that big of a deal. Let's face it, if you build a new federal website with strict security measures, you'll just make it that much harder for your own intelligence agencies to collect data on law-abiding citizens. You wouldn't want that.
Perhaps that's why, when the designers of Healthcare.gov were regularly missing their security assessment test deadlines, the White House took the extraordinary measure of granting itself a "waiver" which allowed it to launch the website with privacy issues intact. According to CBS News yesterday:
As HealthCare.gov was being developed, crucial tests to ensure the security and privacy of customer information fell behind schedule.
CBS News analysis found that the deadline for final security plans slipped three times from May 6 to July 16. Security assessments to be finished June 7 slid to August 16 and then August 23. The final, required top-to-bottom security tests never got done. The House Oversight Committee released an Obama administration memo that shows four days before the launch, the government took an unusual step. It granted itself a waiver to launch the website with "a level of uncertainty ... deemed as a high (security) risk."
I know what you're thinking. If unions, politicians, and fast food chains are getting them, why shouldn't Obama get one? They're granting everyone else waivers, why not grant one to themselves? I admit; it makes perfect sense. After all, when people are enrolling in a brand new government healthcare scam system, it's not like privacy is going to be a big deal. Why, there's probably nothing here that even exposes the user, right? Wrong. CBS News followed up on their initial report this morning. ...let's just say things aren't going well.

Uh-oh. "Multiple security issues including usernames and passwords." That doesn't sound good. Don't worry though...they're fixing everything. It may take a while, but we're sure that the companies hired to do the repairs have sterling, unblemished, security records. Well... Let's just refer to what Elise Viebeck wrote over at The Hill.
A contractor heavily involved in repairing HealthCare.gov was previously criticized for endangering the personal data of more than 6 million government beneficiaries through insufficient security controls. Lax data safety at Quality Software Services, Inc. (QSSI) was deemed a "high" risk in a June probe by federal investigators who revealed the company had failed to stop its employees from connecting unauthorized USB devices to highly sensitive Medicare systems. The June report by the Health and Human Services (HHS) inspector general revealed that QSSI's inaction allowed workers to connect unsanctioned devices, such as iPods, to 29 out of the 30 workstations studied, all of which had access to millions of Medicare patients' personal data.
So let's get this straight. First, the administration dodges its own self-imposed security checks by issuing itself a waiver. As a result, systemic security issues develop. So, they hire a company to repair the site, and they select one which they have previously cited for having lax security standards. It's a perfect Ouroboros of ineptitude.

Support Canada Free Press

Donate
Subscribe

View Comments
Robert Laurie——

Robert Laurie’s column is distributed by HermanCain.com, which can be found at HermanCain.com

Be sure to “like” Robert Laurie over on Facebook and follow him on Twitter. You’ll be glad you did.

VIEW Comments

Sponsored