reduce the cost of health care from the provider. my friends on the other side may correctly note, as i will here, that many americans are benefiting from obama care at the cost of trillions of dollars over a 10-year period, i certainly hope so. but divisions over whether or not taxpayer money taken and pushed back out to needy, who are trying to afford health care, is not the subject today. unfortunately during the first two years of the obama care law under speaker pelosi, there was no effective oversight. oversight was shut down during the first two years of the obama administration and the minority pointing out anything was ignored. you said my chairman we have tried to correct that. we have been disappointed by continued obstruction by the

minority on this committee defending administration when it failed to deliver relevant documents and object to -- they find themselves objecting to hearings, witness request and constantly engaged in petty downplaying of what, in fact, are serious problems. the minority today will undoubtedly point out this must be political, that we're not here because only 1100 people at a time could get onto a website before it crashed effectively, when 250,000 needed to get on it when it was a law and mandated. we're not here for that reason, they will say, we're here because this is political. this committee on a bipartisan basis has offered legislation that if the senate had taken it up and the president had supported and signed it, and it had been implemented in this

project, undoubtedly many of the mistakes made we would find would not be made. in fact the lack of budget authority for a single point on a project of this sort conducted and overseen by somebody who had a success story in similar operations rising to the level of $600 million multi-committee, multi-state website, if that person had been there and in charge, i have no doubt that person would not be with us today because that site would be up and running. on october 190 i joined with senator lamar alexander, a member of the minority in the senate who finds himself unable to get answers asking secretary sebelius to find documents related to healthcare.gov.

unfortunately october 28th i was forced to subpoena, to date hhs has not produced a single responsive document to this committee. in contrast the committee has received far more cooperation, transparency, and document production, receiving over 100,000 relevant documents from contractors working on the project. the very contractors blamed on day one as their fault, not a single political appointee's fault, not obama's fault. i know the ranking member and i could fill an entire hearing with discussions about our differences. i have no doubt in short order he will air many of them. for this hearing, i think we can find agreement. the agreement would be simple.

whether you like obama care or not, taxpayer dollars were wasted, precious time was wasted, the american people's promise of obama care, in fact, does not exist today in a meaningful way because best practices, established best practices of our government were not used in this case. now, our government must quickly kbr grasp the lessons here in obama's healthcare.gov project to better and more effectively implement underlying policy changes so this won't happen again. the investigations this committee received testimony in paid documents indicating many problems that led to the disastrous failure to launch on october 1st. the committee has learned numerous missed deadlines and ignoring of integrated security testing requirements are still a

problem for this system. the ranking member gave to me, and i will put it in the record, a letter very concerned that some of the documents we received from contractors, if they got in public hands, would be a road map to security flaws that exist in obama care's website today. it is our committee's decision those documents will not be released, that we will carefully ensure any material given to us by anyone that would help hackers discover more quickly the flaws in obama care's website are not made public. but let us understand, the ranking member's statement in that letter says more than i could say, and that is on the day of the launch and even today, there are material failures in the security of the

obama care website. meaning that even though we may not put out the road map, hackers, if they can get on a website that only accommodates 1100 people at a time, hackers may already or soon find vulnerabilities. they may soon find your social security number or your sensitive information because there was no integrated security testing before the launch. pointed it out in time for security concerns were properly vetted. the last known security test conducted by the records we've been given. again, given by contractors because the administration has failed to be in any way honest or transparent in producing documents, show that in mid september at least as to the federal marketplace segment of the site, they identified significant findings of risk.

documents from the contractor identified a chaotic testing environment. according to pmr. henry chow, tp operating officer for marketplace administration delays issuing regulations created a compressed timeframe for building the i.t. infrastructure. we know, for example, that hhs did not issue any regulations in the three months prior to november 2012 election. yes, i am saying that it seems sad that you pass a law in the first few months of an administration and yet it seems that regulations came to a halt so they would not be out there in the marketplace during the president's re-elect. two years is too long after a law that has mandates before you go and tell american people and website producers what they must

do. this committee has learned that a complete integrated security testing did not occur, meaning test the pieces but do not test the entire product was one of the faults at the launch. that heightens the risk of unauthorized access nonencrypted data, identity theft and loss of personal identifiable information. this is not committee's opinion, this is testimony. the director of cms stated he was not even aware of some tessing results that showed serious security problems in the weeks before the october 1st update -- launch. he testified these results should have been shared with him and said the situation was disturbing. hhs offered no further explanation for nearly two weeks until after the committee made a

redacted version of the key memo public. at a briefing last week, cms information officer told investigatione investigators he normally assigns authorities to operate memos to launch cms i.t. projects. in this case, however, and wi wisely, he determined he would not sign the healthcare.gov document, and, in fact, required a less qualified and obviously erroneous signature by marilyn tavenner to occur on that document. now, that's kicking it upstairs because you know it isn't any good. although i appreciate a cio not signing a document for a site that wasn't ready, i think at the same time we must recognize there should have been public objection to marilyn tavenner

signing that document for a website that clearly was not ready for prime time. additionally today we're hearing from a distinguished panel of witnesses. i recognize some of the witnesses, particularly mr. park, are busy elsewhere trying to get this site operational. but since we have been in the neighborhood of six weeks since the launch, i trust hundreds, or if necessary thousands of the right people have most of their marching orders. in fact, it is time for congress on any committee of jurisdiction to look over the shoulder of the administration, to ask both what went wrong and today not just ask do you promise on november 30th to make it right but will you, in fact, commit to the changes in law that would ensure

this doesn't happen again. i don't hold this committee hearing today to sell i.t. reform. this committee has already done its job to sell i.t. reform. however, it is essential that you understand that when mr. cummings and i make public billions of dollars worth of failed i.t. programs, the american people often get a small snippet in the newspaper. today the american people should know this isn't the $600 million unique event, if it were, it would be a different hearing. this is part of a pattern that occurs due to failure to adhere to the private sector's world-class standards for web production. this is a pattern that includes schedule c political appointees being more involved than career professionals. this is a pattern that has to

stop. our witnesses today -- among our witnesses today will be mr. dave power, a government accountability officer and an expert in, in fact, what those practices should have been and what failed on healthcare.gov. i might note for all, he is, in fact, a career professional, a nonpartisan, and an individual who doesn't work for me, doesn't work for the ranking member but works for the american people. i'll do the rest of my introduction when the time comes. i now will yield to the ranking member. >> thank you very much, mr. chairman. good morning to everyone. welcome to our witnesses who are here with us today. i want you to know that i appreciate your service, and on behalf of a grateful congress we

thank you. i thank you to your dedication to ensuring that millions of americans who do not have health insurance will be able to obtain quality, affordable coverage going forward. this is an incredibly admirable goal, and i thank you for everything you are doing to make it a reality. unfortunately not everyone in this room shares this very important goal. republicans oppose the affordable care act in 2009 and voted against providing health insurance to millions of americans. over the past three years, they have voted more than 40 times to repeal parts or all of the law and eliminate health insurance for people across the country. since they failed at these

repeal efforts, they blocked request for full funding to implement the law. this forced federal agencies to divert limited funds from other areas. republican governors refused to set up state exchanges forcing the federal government to bear more of the workload. to make a political point against the affordable care act, republican governors refused federal funds to expand their medicaid programs to provide medical care for the poor, increasing the burden on their own state hospitals. to me, this is one of the most inexplicable actions i have ever witnessed from elected representatives against their own people, the people who elect them. their neighbors, their family

members, their friends, the grocer, the mortician. after all of these efforts, house republicans shut down the entire federal government for three weeks in october. three weeks. shut down the government. they threaten to default on our national debts unless we repeal the affordable care act. again, this effort failed. now they are attempting to use the congressional oversight process to scare americans away from the website by once again making unsupported assertions about the risk to personal medical information. let me be clear. the centers for medicare and medicaid services and its contractors failed to fully

deliver what they were supposed to deliver. congressional oversight of those failures is absolutely warranted. but nobody in this room -- nobody in this country believes that republicans want to fix the website. for the past three years, the number one priority has been to bring down this law. and their goal, ladies and gentlemen, has not changed. today they complained their constituents are waiting too long on healthcare.gov to sign up for insurance. but is there a solution to fix the website? no. it's to repeal the affordable care act and eliminate health insurance for millions of americans by repealing the

federal care act indeed would reduce waiting times on the website, it would increase waiting times in our nation's emergency rooms. mr. chairman over the past month instead of working in a bipartisan manner to improve the website, he politicized this issue by repeatedly making unfounded allegations. in my opinion, these statements have impaired the committee's credibility. for example on october 27th, he went on national television and accused the white house of ordering cms to disable the so-called, quote, anonymous shopper function in september for political reasons to avoid, quote, sticker shock.

that allegation is totally wrong. we have now reviewed documents and interviewed cms officials who made that decision. it was based on defects in the contractor's work, not on a white house political directive. last thursday issued a press release with this glaring headline quote, healthcare.gov could only handle 1,100 users the day before launch, end of quote this claim is wrong. based your allegations on the documents we received, which relate to a sample testing environment. i believe witnesses will expound on that today. most troubling of all was allegations of one of our

witnesses todd park, chief technology officer of the united states of america. you went on national television and accused him in engaging in a, quote, pattern of interference and false statements, end of quote. mr. park is widely respected by the technology community as an honest and upstanding professional. in my opinion your accusation s denigrated his reputation with absolutely no legitimate basis. as i said to my letter on monday, i think your accusations crossed the line and i think you owe mr. park an apology, not a subpoena. the unfortunate approach, we might miss an opportunity to do

good work. our committee has done significant, substantive and bipartisan work or federal i.t. reform and i applaud your leadership in that. i go back to the word, it was indeed bipartisan. we joined in to do what this committee is supposed to do, to look at the facts, to seek the truth, the whole truth and nothing but the truth and then bring about reform. under the leadership of you and our democratic technology information expert, mr. conley of virginia last march we passed the federal information technology acquisition reform act. this bill would increase the authority of agency cios and provide them with budget authority over federal i.t. programs including hiring. we did that together. we did that in a bipartisan way.

politics aside, we should roll up our sleeves and work together to constructively address these challenges. i hope constructively address these challenges. i hope that that's what today's hearing is all about. and i again thank our witnesses who i know are working very hard to achieve these goals. with that, i yield back. >> i thank the gentleman. members have seven days to submit open statements and other extraneous material.

mr. henry child is the director of information services center for medicare and medicaid services, for today, and probably called cms for the rest of the day. and deputy chief information afrs at cms. mr. frank bateman is the chief director at health and human services. mr. todd park is the chief technology aufrgs ot united states. mr. steve van rokel is the chief information officer of the united states. okay. and pursuant to the rules, as many of you have not been here before to see, i'd ask that you all rise to take a sworn oath. please raise your right hands.

do you solemnly swear or affirm that the testimony you're about to give will be the truth, the whole truth and nothing but the truth. let the record -- please be seated. let the record reflect that all witnesses answered in the affirmative. this is a large panel and it's sfoing to be a long day. i suspect witnesses will be asked questions by both sides of the aisle. i would ask that you adhere to the time clock and come to a halt as quickly as possible when it hits red. please, understand, yellow is not an opportunity to start a new subject. it is an opportunity to wrap up. and with that, we'll go to our distinguished guests.

>> we appreciate the opportunity to help uncover complex it ak wi zigtss. and now, we are faced with more visible projects. these complex projects can be delivered successfully when there's appropriate accountability, transparency, expertise and program management. we showed a prior report that showcases several successful it ak wi zigtss and what allowed them to be delivered successfully. this morning, i'd like to highlight best practices from that report and others that would have made a difference with healthcare.gov. specifically those sections that increase cio authorities and acquisition houses. they need to be appropriately

responsible for the project. this needs to start with department cios and for projects of national importance, includes the president's cio. at hhs, cio authority is an issue gao reported on just last week. across 27 departments, about $40 billion are spent annually on these 700 investments. and public dissemination of each project status is intended to allow omb and the congress to hold agencies acountable tr 3er formans. surprisingly, they showed a green cio rating. but interestingly, the rating was red in march.

both omb are important so executives are aware of project risks. we have issued reports on omb and agency tech stats and their excellent results. primarily, halting and scoping and redirecting troubled projects. we are not aware that healthcare.gov was subject to a tech stat review. for expertise, it is extremely important to project success for knowledge and skills. this applies to a number of programs including management, systems integration and testing. and fifth, program management. z several best practices increase the likelihood that it will be delivered on time, within budget and within the functionality promised. this starts with getting your

requirements right and having regular communication with contractors throughout the acquisition process, and adequately testing the system, including integration and user acceptance. there are a number of key question that is can be asked of any it acquisition to ensure that appropriate accountability, transparency, oversight expertise and program management is in place. and these most definitely pertain to healthcare.gov. what rule is omb playing in ensuring that this major acquisition is on track. specifically, how involved is the federal cio. is the cio and agency accountable? is the acquisition status accurately and timely transparent as displayed on the it dash board. key risks addressed and was there appropriate follow up.

does the agency have appropriate exper toos to carry out its program management role. in the case of healthcare.gov is a case to act as the systems identifier. finally, as the program office providing best practices throughout the acquisition lifestyle. this would include security stesing. assessment and authorization. in summary, omb and agencies can do more to ebb sure that the 80 plus billion dollar investment has the proner practices to deliver vital services to american taxpayers. that concludes my statement. thanks for your continued oversight in federal it issues. >> thank you. mr. chow? >> good morning, chairman and members of the committee. since the passage of the

affordable care agent, cms has been hard at work to design, build and test scour systems to ensure that merps are able to enroll in affordable health care coverage. i am a career servant that has 20 years working at cms on medicare and medicaid systems. my role has been to guide the technical aspects of the marketplace development and implementation, the fairly facilitated parkt place enrollment systems and the data services hub. i work closely with the private sectors, contractors, building these it components. i also work closely with my colleagues and cms who handle other aspects of the site, including the center for insurance and nfgts oversighted, which manages the business op ragtop ragtss.

the chief information officer through management of a shared service called the enterprise identity management system. and the office of ch communications. to facilitate the functions of the marketplace, cms contracted with qssi to develop the hub and cgi to develop the federally facilitated marketplace. the hub facilitates information a consumer provides. with nflgs maintained by other sources such as ssa and irs. in addition to the hub, css contracted to build the federally facilitated marketplace system which consumers used for private qualified health plans and for programs like med cicaid and advanced tax credits.