Experts Cast Doubt on Obamacare Site Security

Lawmakers are seeking answers on whether Obama administration risked the security of Americans' personal information during the rollout of HealthCare.gov.

The top cybersecurity officer for Health and Human Services Department said he was concerned about security risks before the launch of the Obamacare website.

Kevin Charest told congressional investigators in a Jan. 8 deposition he was unable to get answers to his questions from others inside the agency.

As chief information security officer for HHS, Charest offered a look at insider concerns during the weeks and days before the website went live. Technical problems developed immediately and many potential customers were frozen out.

But the Centers for Medicare and Medicaid Services (CMS), the departmental division running the health care rollout, wasn't sharing any information.

"I was frustrated by a number of requests I made that I did not receive," Charest said.

The requests were not just related to security but other operational issues as well, he said. Charest concluded that testing of the site was substandard.

Meanwhile, other experts argued HealthCare.gov is still riddled with problems, some of which may compromise the confidentiality of users' sensitive health and personal information.

"It could be used potentially to get information on financial data," Michael Gregg, chief executive officer of Superior Solutions, testified.

"It could be used for identity theft; it could be misused many different ways," he continued. "This can be, long term, can be very damaging to an individual."
    
But Teresa Fryer, chief information security officer at CMS, told a House panel Thursday the site recently passed full security tests and that to date, there have been no successful security attacks.