Amateur hour – Healthcare.gov security

Amateur hour – No security ever built into Obamacare site: Hacker.

“When you develop a website, you develop it with security in mind. And it doesn’t appear to have happened this time,” said David Kennedy, a so-called “white hat” hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

“It’s really hard to go back and fix the security around it because security wasn’t built into it,” said Kennedy, chief executive of TrustedSec. “We’re talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself.”

According to the Department of Health and Human Services, which oversaw the implementation of the website, the components used to build the site are compliant with standards set by Federal security authorities.

“The privacy and security of consumers’ personal information are a top priority for us. Security testing happens on an ongoing basis using industry best practices to appropriately safeguard consumers’ personal information,” said the spokesperson.

Do you believe the Government or David Kennedy?

 

This entry was posted in healthcare reform and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.