Oversight Investigation Turns Up CMS Memo About ‘High’ Website Security Risks
But news outlets are reporting that the project manager working on the healthcare.gov website was not made aware of these issues.
The New York Times: Official At Health Site Says He Didn't Know Of Potential Risk
The chief digital architect for the federal health insurance marketplace has told congressional investigators that he was not aware of tests that indicated potential security flaws in the system.... The official, Henry Chao, made the statement Nov. 1 to investigators for the House Committee on Oversight and Government Reform, led by Representative Darrell Issa of California. ... The [Sept. 3] memo, from Tony Trenkle, the chief information officer at the federal Centers for Medicare and Medicaid Services, noted six security problems, two of which were described as posing high risks (Pear, 11/11).
CBS News: Memo Warned Of “Limitless” Security Risks For HealthCare.Gov
CBS News has learned that the project manager in charge of building the federal health care website was apparently kept in the dark about serious failures in the website's security. Those failures could lead to identity theft among those buying insurance. The project manager testified to congressional investigators behind closed doors, but CBS News has obtained the first look at a partial transcript of his testimony (Attkisson, 11/11).