Coding behind the ACA website

[bigbadwolf]

Interesting article on the ACA fiasco.

Nearly 20 million Americans have now experienced the broken Obamacare website first hand. But Ben Simo, a past president of the Association for Software Testing, found something more than a cumbersome login or a blank screen—clear evidence of subpar coding on the site.

In mid-October, he went to Healthcare.gov to help a family member get insurance, only to find his progress blocked. When he investigated the cause, he discovered that one part of the website had created so much “cookie” tracking data that it appeared to exceed the site’s capacity to accept his login information. That’s the mark of a fractured development team.

Even more alarming were the security flaws. An error message from the site relayed personal information over the internet without encryption, while the email verification system could be bypassed without access to the email account. Both security vulnerabilities could be exploited to hijack an account. “Because this is a huge system that people are mandated by law to use, the standard should be higher,” says Simo. “People are going to see it as a high value target.”

At the time, President Obama was still arguing that the main culprit for the breakdowns was the popularity of the site. “The website got overwhelmed by the volume,” he said on Oct. 4. The reality, of course, was far more dire.

The basic architecture of the site, built by federal contractors overseen by the Department of Health and Human Services, was flawed in design, poorly tested and ultimately not functional. “You need there to be good people on the inside to make good contracting decisions and good people on the outside to do the work,” explained Clay Johnson, a Democratic technology consultant who recently worked as a White House fellow. “Right now, it’s the blind leading the blind.”

Even on the back end of the site, data was garbled and, in some cases, unusable. The nightly reports that insurance companies receive from the federal government on new enrollees in the health plans have been riddled with errors, including syntax mistakes, and transposed or duplicate data, according to industry veterans. In other cases, insurers received multiple enrollments and cancelations from the same person, but since the documents lacked timestamps, it has been impossible to know which form is the most recent. Companies have resorted to contacting enrollees directly to get answers, a solution possible only because so few have been able to sign up. ”We are seeing and hearing that enrollment files going to carriers are incomplete, there are errors,” said Dan Schuyler, a director of exchange technology at Leavitt Partners, a firm that consulted with several states in setting up their websites. “In three weeks or so when they start receiving these in mass volume, tens of thousands per day, it doesn’t matter if there’s a 1 percent error rate. Insurers don’t have resources to go through them and clean them up.”

...

For his part, Simo tried to report the security vulnerabilities he found by contacting an online operator at the Department of Health and Human Services. But he has little hope that his message will get to the right people. The operator seemed confused about what to do with the information. After a half hour of delay, Simo was told his complaints would be forwarded the Federal Trade Commission, an agency that typically investigates consumer complaints, who would contact law enforcement as necessary.

 

[MSFHQ]

Yeah, not good. Now that a light has been shinned on it I think it will get redone correctly, but in the mean time it is a triage situation. I really wish the administration had been extra careful with this roll out since it knew all eyes would be on it. Unfortunately this is what uninsured people have to deal with.

Insurance companies must be panicking since the only people who will stick with all these hang ups are chronically sick individuals. In the mean time others are losing insurance and relatively healthy people are just getting frustrated and giving up.

 

[Daniel Duffy]

But does it have nice GUI features and cool things? Seriously (been there, done that) it's this in most cases

http://www.stevemcconnell.com/ieeesoftware/bp05.htm

Nothing ever changes, it seems.

Adding developers to a late project. Perhaps the most classic of the classic mistakes is adding developers to a project that's behind schedule. There are notable exceptions to the rule, but, generally, when a project is behind schedule, new people subtract more productivity from existing staff than they add through their own work. Fred Brooks likened adding people to a late project to pouring gasoline on a fire (Mythical Man-Month, Addison Wesley, 1975).

Rule: when a project gets into problems remove 50% of the project team. Works better.

The nightly reports that insurance companies receive from the federal government on new enrollees in the health plans have been riddled with errors, including syntax mistakes, and transposed or duplicate data, according to industry veterans. In other cases, insurers received multiple enrollments and cancelations from the same person, but since the documents lacked timestamps, it has been impossible to know which form is the most recent

...
Was there no acceptance testing?

 

[bigbadwolf]

The software failure is to my mind symptomatic of a broader incompetence of the US government as a whole. For instance I've recently approached the FDA a number of times on behalf of an overseas friend of mine interested in exporting his product to the USA. I can't get a single straight or informed answer out of them. They don't even know what their rules and regulations are and claim they even lack printed volumes of these rules and regulations. Then I step next door into the county library and they have a collected printed set of those rules and regulations. This is one instance. I can name several others with other federal agencies.

In the fifteen years I've been buying from Amazon -- which probably has a much higher volume of traffic than the ACA -- I can't recall a single time it's been down. Of course Jeff Bezos has more brains than Obama, and this doubtless also applies when making comparisons at corresponding levels of authority in Amazon and the US government. There's accountability and competence at Amazon and none with the US government.

Ted Rall sums it up well here:

No, Governor Palin, the truth behind the ACA mess is that Obama and his gang of golfing buddies are idiots.

OK, so there was evildoing. For example, as Forbes reported: “HHS bureaucrats knew [forcing the uninsured to create an account and enter detailed personal information before you can start shopping] would make the website run more slowly. But they were more afraid that letting people see the underlying cost of Obamacare’s insurance plans would scare people away… Obamacare wasn’t designed to help healthy people with average incomes get health insurance. It was designed to force those people to pay more for coverage, in order to subsidize insurance for people with incomes near the poverty line, and those with chronic or costly medical conditions…This political objective — masking the true underlying cost of Obamacare’s insurance plans — far outweighed the operational objective of making the federal website work properly.”

There was corruption too. UnitedHealth Group, which as one of the nation’s biggest insurers stands to make billions from the ACA, was a key contractor for the federal website.

Mostly, though, there was idiocy. Secondarily, in execution. End-to-end testing began in late September. For an October 1st rollout. What could possibly go wrong?

That’s right: secondarily.

Primarily, Obama and the Democrats were idiots to think that the ACA’s bastard hybrid of public and private could function properly — certainly not on “a project of such immense complexity. The federal exchange must communicate with other contractors and with databases of numerous federal agencies and more than 170 insurance carriers.”

Look at what happened to the Postal Service: neither beast nor fowl, the uncomfortable marriage of for-profit business and Congressionally mandated payouts has pushed an otherwise viable organization to the brink of collapse.

ACA was created in response to skyrocketing healthcare costs — a problem directly attributable to the big insurance companies, which are raping patients and doctors with extortionist rates in order to accumulate obscene profits. The common sense solution? Cut out the insurers; put them out of business. Nationalize hospitals and private clinics. Turn doctors and nurses into federal employees. Obama built the ACA to increase the big insurers’ profits even more. Thus, for example, no federal price controls on the plans to be sold through the government websites. It comes as no surprise, but sad confirmation that we were right, that insurance company stocks have soared since the passage of the ACA.

 

[Daniel Duffy]

Yeah, not good. Now that a light has been shinned on it I think it will get redone correctly, but in the mean time it is a triage situation. I really wish the administration had been extra careful with this roll out since it knew all eyes would be on it. Unfortunately this is what uninsured people have to deal with.

Insurance companies must be panicking since the only people who will stick with all these hang ups are chronically sick individuals. In the mean time others are losing insurance and relatively healthy people are just getting frustrated and giving up.

Large, ambitious government s/w projects nearly always founder

http://www.amazon.com/Death-March-Edition-Edward-Yourdon/dp/013143635X

 

[bigbadwolf]

http://www.theguardian.com/world/2013/oct/24/obama-contractors-obamacare-website-errors-software

Angry Republicans and Democrats turned on the main private contractors behind the website on Thursday to seek an explanation for the glitches, but largely failed to show who was responsible for design or implementation flaws.

That's because none of these political shitheads, with room temperature IQs, knows the first thing about coding and computer systems.

 

[bigbadwolf]

http://www.washingtonpost.com/polit...7e2e-487a-11e3-a196-3544a03c2351_story_3.html

“The code failed system tests, and attempts to fix the errors caused further delays and increased costs,’’ said the report, which also faulted the thrift board for insufficient oversight. It was one of three reviews that criticized AMS for substandard work, along with reports by the Defense Contract Management Agency and a private firm, Integrated Benefit Solutions, hired by the thrift board to review the project.

“They couldn’t fix the problems because they didn’t know how,’’ said Stiffler, the board official, who brought in a backup contractor that completed the job on time and within budget — after throwing out more than 95 percent of AMS’s software code and rewriting the rest.

 

[Daniel Duffy]

“They couldn’t fix the problems because they didn’t know how,’’ said Stiffler, the board official, who brought in a backup contractor that completed the job on time and within budget — after throwing out more than 95 percent of AMS’s software code and rewriting the rest."

In many cases, it's better to start all over again, indeed.

Q: how does a project get behind schedule?
A: one day at a time

(source: Mythical Man Month)

 

[bigbadwolf]

In many cases, it's better to start all over again, indeed.

My guess is that the bozos at the helm of the company are a bunch of empty suits who don't know the first thing about coding. And they are liaising with a bunch of empty suits in the US government who also know nothing about coding. All the talk about working "24/7" to rectify the mistakes is so much specious claptrap. I blame the organisational structure of US business and government: at the top you've got empty suits and talking heads, while the people who can actually do something technically are far down the hierarchy, underpaid, unappreciated, abused, and bullied.

 

[Daniel Duffy]

Some time ago I wrote the script for a migration of the all the software systems for the social services (nationwide) here where I live. Huge project indeed. The main reasons for success were:

1. core technical team of 3 people
2. project leader was god (no one could evict him except the team in 1)
3. project leader did not have a degree in journalism or economics.

Of course, ACA is more complex. But the issues are political and organisational always IMO, not technical really.