If We Built a Website in the Private Industry Like the One for Healthcare.Gov, We Would Be Fired and Possibly Sued

affordable-health-care-act-websiteLike many Americans, I too have gone onto the Affordable Care Act website to take a look at what all the fuss has been about. From a design perspective, things look pretty good on the front end of the website. It’s attractive enough and easy to navigate. It views well on mobile and tablet devices. There are plenty of pages containing information and answers to your questions. You can preview plans and prices to get an idea of the different levels of coverage offered in your state and county. But as a web developer, I’m more concerned about what is beneath the design inside the back end. Beyond the hype and the politics, there really is a good reason to be concerned about trusting this website with some of the most personal and detailed information of our lives. There are three key areas I personally have questions and concerns about:

Where is the ACA quality assurance? I think most people agree the website was probably not ready for prime time and the quality assurance is not topnotch. When I visited the website, I chose what I think might be comparable health care coverage my husband and I are already enjoying and chose to take a look at the Silver Plan. From what I could determine, we would be paying $300 more a month than we already are PLUS an as yet to be determined yearly out of pocket expenses. Don’t like that, but I’m willing to see details and make adjustments before passing judgment. To get more information, I had to create an account and delve into the back end of the system. I did that and didn’t like what I saw within three screen views. The amount of personal information that was requested was too much up front for my comfort and there was no incentive to give in to the request for more. I just wanted to look at their pricing, not share my entire life with them. I can shop for more details of a health care package in the private sector without having to divulge my name, address, social security number, etc. so I don’t understand why I’m not able to do the same through the ACA website. What else makes me hesitant is from what I’ve heard in the news–everywhere—the website isn’t holding up too well and people are getting 404 errors in the middle of their data entry. A Forbes contributor suggested yesterday the reason the website keeps breaking down is because the government doesn’t want to you to see the underlying costs. I don’t think he means to say the website is shutting down on purpose. Instead, the Forbes article goes on to explain the health care website requires the user to provide detailed information BEFORE you can start shopping. This means the system is overloaded with a bottleneck of information being compiled and returned to the view. It’s a lot to process, thus the 404 errors. I tend to agree with this theory. It’s unsettling to be in the middle of sharing your social security number and then suddenly have technical difficulties. I don’t trust this website just yet; therefore I’m not willing to divulge personal information. Sorry, but I’m not buying it (yeah, the pun is intended)…

What are the HHS numbers? Another thing that concerns me is Kathleen Sebelius, the U.S. Secretary of Health and Human Services, said earlier this month she cannot gauge how many people signed up for Obamacare. Seriously? You can’t tell me a huge organization like this–one that has to be compliant, is consumer oriented, and has a political score to keep–does not have analytics in place to gauge the numbers. Either she is not being truthful about this, or her team is failing the mark by not tracking the numbers and keeping her informed. You can easily look to the private industry for examples of how a well done marketing campaign and sound ecommerce results in multi-million dollar sales within days. Of course, no one wants to tout negative success. But again… I’m not buying it.

What about security? Last and most importantly, is the assurance that our personal data is and will remain safe. I don’t think this can be said just yet. Computer security expert John McAfee dropped a bombshell on Obamacare enrollees when he warned everyone of the strong possibility of phishing scams tied to the Obamacare websites with no way to protect those who enroll from hackers robbing their bank accounts blind. “I’ll ask you your social security, your date of birth, [so] an hour later I can empty your bank account,” he said when interviewed. He went on to say, “And this is going to happen, it’s going to happen soon. Nothing in the Obamacare system safeguards against this,” he said. He wouldn’t use the system for himself anyway, but McAfee’s words of caution cannot be discounted given his expertise with computer security.

Not buying it… the way the website is working, the pricing, the health care itself. As a web developer, I feel the pain of the development team working on the ACA website and hate to criticize. But HHS rushed this through too soon and Americans can be harmed by the shoddy workmanship of the sign up system. Perhaps by the time my insurance expires in February next year, they’ll have solved the problems and I’ll feel more comfortable exploring government health care options. But for now, I think I’ll sit back and just wait and see.

Sources: Forbes http://tinyurl.com/mbrulyk, Christian Science Monitor http://tinyurl.com/nxdobhc, and Washington Post http://tinyurl.com/lfnc8c9

Protect Your Computer Systems

October is National Cyber Security Month. Protect your computer systems with these 9 steps recommended by the U.S. Small Business Administration:

  1. Use the FCC’s Small Biz Cyber Planner to create a cyber security plan
    The  Small Biz Cyber Planner is valuable for businesses that lack the resources to hire a dedicated staff member to protect themselves from cyber threats. The tool walks users through a series of questions to determine which cyber security strategies should be included in the planning guide, and generates a customized PDF that serves as a cyber security strategy template.
  1. Establish cyber-security rules for  your employees
    Establish rules of behavior describing how to handle and protect personally identifiable information.  Clearly detail the penalties for violating cyber security policies.
  1. Protect against viruses, spyware, and other malicious code
    Install, use, and regularly update antivirus and antispyware software on every computer used in your business. Such software is readily available online from a variety of vendors.
  1. Educate employees about safe social media practices
    Depending on what your business does, employees might be introducing competitors to sensitive details about your firm’s internal business. Employees should be taught how to post online in a way that does not reveal any trade secrets to the public or competing businesses. This type of safe social networking can help avoid serious risks to your business.
  1. Manage and assess risk
    Ask yourself, “What do we have to protect? And, what would impact our business the most?” Cyber-criminals often use lesser-protected small businesses as a bridge to attack larger firms with which they have a relationship. This can make unprepared small firms a less attractive business partner in the future, blocking potentially lucrative business deals.
  1. Download and install software updates when they are available
    All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install such updates automatically.
  1. Make backup copies of important business data and information
    Regularly backup the data on every computer used in your business. Critical data includes word processing documents, spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly.
  1. Control physical access to computers and network components
    Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft, so make sure they are stored and locked up when unattended.
  1. Secure Wi-Fi networks
    If you have a Wi-Fi network for your home business make sure it is secure and hidden. To hide your Wi-Fi network, configure your wireless access point or router so that it does not broadcast the network name, known as the Service Set Identifier (SSID).  In addition, make sure that passwords are required for access. It is also critical to change the administrative password that was on the device when it was first purchased.

Be aware that cyber attacks happen all the time and security is an ever-changing field. Businesses must continually adapt to new attack methods and remain alert at all times.

Source: sba.gov