recommended reading

House GOP Watchdog Subpoenas Leader of the Fix

Marilyn Tavenner, administrator of the Centers for Medicare or Medicaid Services, testified Tuesday on Capitol Hill.

Marilyn Tavenner, administrator of the Centers for Medicare or Medicaid Services, testified Tuesday on Capitol Hill. // J. Scott Applewhite/AP

This post has been updated.

One of the House Republicans’ top watchdogs issued a subpoena on Tuesday morning for all correspondence between government officials and the contractor picked to lead the repair process for the government’s troubled online health insurance marketplace.

House Oversight and Government Reform Committee Chairman Darrell Issa, R-Calif., also demanded the contract between Quality Software Services, or QSSI, and the Health and Human Services Department along with the total value of government payments the contractor has received for building and repairing

Officials picked QSSI to lead what the government is calling a “tech surge” to fix glitches that prevented the majority of visitors from enrolling in insurance plans through the site during its first month online.

Officials believe the site will be operating without glitches by the end of November, in time for most people to purchase insurance before a Dec. 15 deadline, Marilyn Tavenner, administrator of the Centers for Medicare or Medicaid Services, told lawmakers on Tuesday.

That tight time frame for repairs coupled with earlier contractor testimony that underwent minimal testing before its public launch, raises serious questions about whether the site can securely manage citizens’ data, Issa said in his letter to QSSI.

Issa sent letters to QSSI and 10 other contractors seeking information about their contracts earlier this month, threatening a subpoena if the companies didn’t respond quickly. He also requested documents from Health and Human Services Secretary Kathleen Sebelius with a deadline of Monday.’s early problems were a combination of not enough server capacity to handle the volume of people seeking insurance through the site and glitches in the site itself that prevented people from registering and enrolling in insurance plans, Tavenner said. The server capacity problems have been fixed but numerous glitches remain, she told members of the House Ways and Means Committee.

Tavenner declined several times to say how many people have enrolled in insurance plans through the online marketplace so far. The administration plans to release those figures in mid-November, she said.

Tavenner also declined to say whether the government was on track to have enough enrollees in the insurance marketplace to make the president’s larger healthcare reform law cost effective. 

CMS was responsible for overseeing contractors’ work on and managed testing once those pieces were put together. That end-to-end testing only lasted about two weeks, according to testimony by QSSI and other vendors who said they would have preferred several months of testing.

Tavenner defended parts of CMS’ testing regimen before lawmakers on Tuesday but acknowledged the agency had not tested whether the site could manage the volume of traffic it ended up enduring.

During’s first few hours online it received five times as many visitors as CMS had projected, Tavenner said. Those traffic projections were based on visitors to after it relaunched in 2005 with new tools for recipients to research Medicare’s newly mandated prescription drug program.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.