November 05,2013

Press Contact:

 Julia Lawless, Antonia Ferrier, 202.224.4515

Obama Administration Says “High Risk” of ObamaCare Security Breaches

White House Says Security Testing Complete, But “Top To Bottom Security Tests Never Were Finished

WASHINGTON – Can the Obama Administration assure the American people that their personal information will be safeguarded when signing up for ObamaCare?  The Administration says yes, but the reality is NO.

The White House says all is well…

  • Todd Park, the Obama Administration’s Chief Technology Officer, said on September 11, 2013, that “after over two years of work, it [] is built and ready for operation, and we have completed security testing and certification to operate.” (Bloomberg News, “Obama Computer Hub Complete Information Security Tests,” September 11, 2013)
  • “White House Press Secretary Jay Carney said, ‘Consumers can trust that their information is protected by stringent security standards.’” (CBS News, “Obamacare website security tests never finished before launch,” November 5, 2013)

But the facts tell a different story…

  • “‘From a security perspective, the aspects of the system that were not tested due to the ongoing development, exposed a level of uncertainty that can be deemed as high risk for FFM [Federally Facilitated Marketplace],’ said the Sept. 27 memo. The memo was issued by CMS IT officials James Kerr and Henry Chao, and signed by CMS Administrator Marilyn Tavenner.” (National Journal, “CMS Memo Warned of Security Threat Before Obamacare Site Launch,” October 31, 2013)
  • “A CBS News analysis finds key tests to ensure the security and privacy of customer information on troubled Obamacare website fell behind schedule.  A deadline for final security plans was delayed three times over the summer, and final top-to-bottom security tests never were finished before the launch.” (CBS News, “Obamacare website security tests never finished before launch,” November 5, 2013)

And the American people deserve answers…
•    “[W]e are troubled that day after day more issues arise which illustrate that the website was simply not ready to launch on October 1.  While we recognize that the website’s operational issues are being worked on and will likely be resolved eventually, serious questions remain as to the privacy and security of the very detailed personal information being transmitted through the Federally-Facilitated Marketplace (FFM) and what testing, if any, occurred or is occurring to ensure that information is secure.” (Letter from Senate Finance Committee Republicans to Health and Human Services Secretary Kathleen Sebelius, October 29, 2013)