A photo of the homepage for the site HealthCare.gov, the country's new health care website.
Hide Caption

Security risks for Heathcare.gov known before sign-up deadline

a a a a
Share this story

Months after its launch, as millions of Americans log on to shop for health plans, HealthCare.gov has still had serious security issues.

During testing of the site, a cybersecurity official House Oversight Committee said that there have been "two high findings" of risk during a private transcribed interview.

The exact description of the issue was redacted from the transcript to assure security, an official told ABC News.

One risk factor was noted in November. The other was reported earlier this week.

“In one case, what was initially flagged as a high finding was proven to be false,” the agency said in a statement. “In the other case, we identified a piece of software code that needed to be fixed and that fix is now in place. Since that time, the feature has been fully mitigated and verified by an independent security assessment, per standard practice."

While administration officials maintain that there have been no violations of HealthCare.gov security or of personal information, the oversight of high-risk issues in recent testing is noteworthy. 

Portions of  the CMS cybersecurity chief’s testimony provided to ABC News show that she recommended that HealthCare.gov not launch on Oct. 1 because of serious security concerns.

The Chief, Teresa Fryer, said she gave the same warning in September, days before the launch. She said she would have denied an Authority of Operate (ATO) license for the website to go public. But instead, the site went live on Oct. 1 without further security testing.

Fryer told the committee that when she signed a document acknowledging the risks, she made it clear that she was “not agreeing with the decision” to authorize the ATO.

An official told ABC on Friday that the issues identified as "high risk" have now been resolved.

Health and Human Services spokeswoman Joanne Peters said that "risk mitigation strategies" are in place for risk findings on the website.

Copyright 2013 Scripps Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Print this article

Comments

Hmm... It looks like you’re not a WCPO Insider. or Subscribe now to contribute!

More Technology News
Had a crazy dream? Call the hotline
Had a crazy dream? Call the hotline

Whether it's the nightmare that woke you up or the crazy dream that keeps recurring, our dreams can be windows to better understanding…

Internet TV case: Justices skeptical, concerned
Internet TV case: Justices skeptical, concerned

Grappling with fast-changing technology, Supreme Court justices debated Tuesday whether they can protect the copyrights of TV broadcasters to…

Netflix poised to raise prices after strong 1Q
Netflix poised to raise prices after strong 1Q

Netflix is preparing a sequel unlikely to be a hit with its subscribers. The Internet video service is about to raise its prices for the…

Poll: Big Bang a big question for most Americans
Poll: Big Bang a big question for most Americans

Few Americans question that smoking causes cancer. But they express bigger doubts as concepts that scientists consider to be truths get…

High court takes up TV over Internet case
High court takes up TV over Internet case

The Supreme Court is taking up a dispute between broadcasters and an Internet startup company that has the potential to bring big changes to…

Joss Whedon to release new movie as download
Joss Whedon to release new movie as download

Joss Whedon is releasing a film he wrote as a $5 digital download, bypassing the normal channels of independent film distribution.

REPLAY: SpaceX rocket blasts off from Cape
REPLAY: SpaceX rocket blasts off from Cape

A SpaceX commercial rocket blasted off from Cape Canaveral on schedule Friday afternoon and is heading to the International Space Station.

5 features Amazon smartphone might offer
5 features Amazon smartphone might offer

Rumors of an Amazon smartphone reached a fever pitch this week, with several tech blogs speculating that the device could be due out this year.

An airline oops tops digital week in review
An airline oops tops digital week in review

Each week, we recap the stories and trends that made headlines in the digital world. Read on to see what you missed.

NASA's moon-orbiting robot crashes down
NASA's moon-orbiting robot crashes down

NASA's robotic moon explorer, LADEE, is no more. Flight controllers confirmed early Friday that the moon-orbiting spacecraft crashed into…