Judicial Watch today released 944 pages of Department of Health and Human Services (HHS) records showing that the Obamacare website was launched despite serious concerns by its security testing contractor, Mitre Corporation, as well as internal executive-level apprehension about security.
The documents reveal that Mitre recommended a “Denial Authorization to Operate” in the month prior to Obamacare’s launch, noting that it could not adequately test the confidentiality and integrity of the system. It said that complete end-to-end testing of the system never occurred. Miter found that 11 “moderate” security findings and eight “low” findings remained open as September 19, 2013 – 12 days before the launch.
And an unsigned “Authorization to Operate” prepared just five days before Obamacare’s launch, indicates that the site’s “validation contractor” was “unable to adequately test the confidentiality and integrity of the [Federally Facilitated Marketplace] system in full.” That contractor, Blue Canopy, noted that they were able to access data “that should not be publically accessible.”
. . .