Friday, November 08, 2013

CMS, Tavener Seem to Have Violated Federal Rules in Falsely Certifying Healthcare.gov As "Secure"
It appears that CMS violated federal guidelines regarding security certification. Federal rules require that website be certified as secure before being permitted to go live. 
For reasons that I trust are obvious. 
But Healthcare.gov was never tested, and the White House and CMS were being warned by IT people that it was insecure. 
So what Tavener did is sign an "interim" security certification, with a directive to... test for security after the site already certified as secure was live.
 AND THEN THERE'S THIS:


Chief IT Officer Fired By Obama Might Have Been Terminated For Refusing to Sign False Certification of Healthcare.gov's Security

Tony Trenkle, the Obamacare official in charge of HealthCare.gov security efforts announced his resignation Wednesday, effective next week. 
CBS News has learned that Trenkle, the Chief Information Officer for the Centers for Medicare and Medicaid Services (CMS), was originally supposed to sign off on security for the glitch-ridden website before its Oct. 1 launch, but didn't. Instead, the authorization on September 27 was given by Trenkle's boss, CMS administrator Marilyn Tavenner. 
As CBS News reported Monday, security assessments fell behind and the website never had the required top-to-bottom tests.

1 comment:

Epaminondas said...

Is there an y doubt that if Ttenkle DID refuse to sign the 'it's ready' email or memo or whatever, he is headed for Vermillion SD as a teaching assistant in the MA Dog Catcher track?

This used to be a hell of a country.