Free Republic

The bureaucracy tasked with Obamacare implementation may be violating a law that requires government agencies to keep private information safe. Under the the Federal Information Security Management Act (FISMA), the Department of Health and Human Services’ Center for Medicare and Medicaid Services (CMS) is required to have an “Authority to Operate,” or ATO. In order to receive an ATO, new information tech systems must perform a set of tests, including “Security Control Assessments” (SCA). But according to CMS’s 2014 budget request, no such security assessment took place. The Federal Healthcare Marketplace website was rolled out without full end­-to­-end testing. Indeed,...

The Obama administration will proceed with a Bush-era plan to use National Security Agency assistance in screening government computer traffic on private-sector networks, with AT&T as the likely test site, according to three current and former government officials. — “We absolutely intend to use the technical resources, the substantial ones, that NSA has. But . . . they will be guided, led and in a sense directed by the people we have at the Department of Homeland Security,” the department’s secretary, Janet Napolitano, told reporters in a discussion about cybersecurity efforts. … The program is the most controversial element of...