Wednesday, December 11, 2013


Story first appeared on

To say that the Obamacare website,, has been troublesome for the American public is an understatement. Since its launch on Oct. 1, report after report has stated that access is at best slow and at worst impossible. The website has performed so poorly that Wired Magazine released a story with the headline that read “Obamacare Website Is in Great Shape — If This Were 1996.”

However, over the last month a more startling problem has come to the forefront. The healthcare website is a risk to personally identifiable information of all of its users.

An Associated Press report revealed that no end-to-end security tests were performed and the non-existence of a security leader renders such tests impossible to perform today. The AP also noted that HHS Secretary Kathleen Sebelius’ testimony in another hearing confirmed this, and that an Authorization to Operate memo outlined significant security problems, the details of which were redacted except to say, “the threat and risk potential is limitless.”

A group of security specialists testifying to the House Science Committee recently echoed these findings. David Kennedy, a former cyber-intelligence analyst for the U.S. Marine Corps and the founder of an online security firm, told the committee that the risk to the public was easy to spot. “Fundamental security principles,” he said, are “not being followed.” The witnesses each offered similar assessments: Americans should avoid until it has been certified as safe for public consumption.

There is no quick fix. Avi Rubin, a University of Michigan graduate and current professor at Johns Hopkins, explained that you cannot solve a software problem by throwing money and people at it. “Once a project falls behind schedule, sticking to a hard deadline can result in a faulty system that is not properly tested,” he observed. Rubin also added, “One cannot build a system and add security later any more than you can construct a building and then add the plumbing and duct work afterwards.”

In its haste to implement Obamacare, the White House acted recklessly and put the personal information of users attempting to obtain health insurance at risk. It also potentially compromised dozens of other federal agencies and their systems because taps into numerous other federal websites. This problem cannot be taken lightly.

Despite numerous public statements from security experts that the website should be taken down while performance and security problems are fixed, President Barack Obama and Democrats in Congress continue to insist that Americans use the site. They would rather prop up the failing healthcare law rather than protect the American people’s privacy.

The job of Congress is to protect people’s rights, not take them away. That’s why I have introduced the Safe and Secure Federal Websites Act. My bill requires that future websites created by the federal government be reviewed by the Government Accountability Office and certified as secure by the issuing agency’s Chief Information Officer before being made available to the public. Furthermore, the Safe and Secure Federal Websites Act forces the White House to take down until it has been deemed safe, forcing the Department of Health and Human Services to implement standard security protocols that ensure the public no longer places itself in the sights of hackers simply because they follow the advice of the White House.

Obamacare has shown the difficulties of liberal governance and the troubles that happen when politicians try to control the most important aspects of our lives. The failure of comes from political cowardice rather than anticipated glitches. One of the main reasons the HHS website is nearly 25 times larger than Facebook, one of the largest websites in the world, stems from the Obama administration hiding the increased premiums from the public before federal subsidies are calculated. The administration knew that people would reject Obamacare if the skyrocketing premiums it has caused became too apparent. The White House placed an election over the protecting the public.

Government makes decisions poorly because politicians and bureaucrats too often do not have the same incentives of the citizenry. While Americans want the opportunity to succeed, elected officials too often develop large projects like Obamacare, paid for by taxpayer money, that often fail for the people (but help special interests).

Too often, failed federal programs leave our fellow citizens behind. The president’s healthcare reform was passed by one party over a bipartisan opposition. But now, many of our friends and neighbors are being hurt by it. Regardless of its good intentions — and trying to help people gain health insurance coverage is a good intention — government is almost always less efficient and more costly than the private sector. Whenever we discuss new projects, Congress should ask whether the government actually needs to get involved in the first place.

The Safe and Secure Federal Websites Act will ensure that politics never trumps the security of some of the most important personal information Americans have.

We were sent to Washington not to use the levers of power for political follies and misadventures, but rather to help our fellow citizens while still protecting the freedoms we all hold so dear.

No comments:

Post a Comment