Contractors: More testing of HealthCare.gov was needed

The U.S. Department of Health and Human Services took too little time testing how the many components of the troubled HealthCare.gov worked together before rolling out the insurance marketplace, contractors involved in the project said Thursday.

The HSS Centers for Medicare and Medicaid Services [CMS] spent two weeks testing the complex, US$500 million website in house before it launched Oct. 1 to widespread errors and slow load times, representatives of two major contractors working on the site told members of Congress.

CGI Federal, one of the main contractors for the Obamacare website, "would have liked to have months" to test how the multiple pieces of the project worked together, said Cheryl Campbell, a senior vice president for the company.

Yet, Campbell said CGI Federal did not ask CMS for more time to test the project, saying the decision on when to launch was up to CMS. Optum/QSSI, another contractor responsible for testing the website, did recommend more testing, but the project moved forward to meet its scheduled launch, said Andrew Slavitt, group executive vice president for the company.

Several members of the U.S. House of Representatives Energy and Commerce Committee, particularly Republicans who have long tried to repeal Obamacare, ripped into the contractors for the website failures. The launch of HealthCare.gov has been "nothing short of a disaster," Representative Fred Upton, a Michigan Republican and chairman of the committee, said during Thursday's hearing.

Contractors assured committee members during a Sept. 10 hearing that the website would be ready to go, several lawmakers noted.

Many Democratic committee members accused Republicans of using the website problems to again question the need for the law. But several Democrats also said they were disappointed with the site performance.

Representative Anna Eshoo, a California Democrat, questioned the contractors' testimony saying a large number of visitors caused many of the website's problems in the days after the launch.

"There are thousands of websites that handle concurrent volumes far larger than what HealthCare.gov was faced with," she said. "Amazon and eBay don't crash the week before Christmas, and ProFlowers doesn't crash on Valentine's Day."

Both Campbell and Slavitt said their companies tested their pieces of the project and were confident they would work as planned Oct. 1. But HealthCare.gov, one way for uninsured U.S. residents to shop for and sign up for health insurance under the 2010 Affordable Care Act, experienced massive problems in the first days of operation.

Four contractors testifying at the hearing generally pointed their fingers at other contractors or at HHS as the reason for the problems.

HealthCare.gov, which includes functionality for determining if applicants are eligible to buy health insurance under Obamacare, was one of the most complex government IT projects ever undertaken, Campbell told lawmakers. While the website still has some problems, contractors are working every day to fix errors, and the website is largely functional, she said.

Slavitt acknowledged that one problem in the first days of HealthCare.gov was with Optum/QSSI's registration and access management tool, called EIDM. The website "was inundated by many more consumers than anticipated," he said. "Many of the critical components developed by these multiple vendors were overwhelmed."

The company fixed EIDM about a week after launch, he said.

Thursday's hearing often veered into issues not directly related to the website performance, with some Republicans bringing up concerns about the cost of insurance plans and reports of U.S. residents being booted from their current insurance.

Representative Joe Barton, a Texas Republican, raised questions about language, buried in the source code of a registration page, saying users of the site have no reasonable expectation of privacy because government agencies can use the registration information for multiple purposes.

Users who register at the site do not see that statement, but Barton suggested it nevertheless violates Health Insurance Portability and Accountability Act of 1996 (HIPAA), a law that limits the sharing of health information.

"How in the world can this be HIPAA compliant?" he said. "This explicitly says, in order to continue, you have to accept this condition that you have no reasonable expectation of privacy."

Barton pressed Campbell on whether she thought the language was HIPAA compliant, and she said the language was not added by CGI Federal, but by CMS. "Do you think that's HIPAA compliant?" he said. "You know it's not HIPAA compliant. Admit it, you're under oath."

But Representative Frank Pallone Jr., a New Jersey Democrat, said Barton was misstating what information HIPAA covers. HealthCare.gov doesn't ask insurance applicants for health information that would be covered by HIPAA rules because Obamacare prohibits insurance companies from rejecting applicants for preexisting conditions.

Republicans are using the source code language to attack Obamacare, Pallone said. "You're trying to scare people so they won't apply," he told Barton.

When Barton asked Pallone if he would allow him to respond, Pallone answered: "I will not yield to this monkey court."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.