Saturday, December 28, 2013

$50M Obamacare-Fix: 'Literally a Life-or-Death Situation'

    As the full breadth of the Healthcare.gov debacle became apparent, the Department of Health and Human Services (HHS) turned to the architect of the Federal Data Hub to lead the team of contractors to fix the woefully inadequate website that had disastrously launched just weeks before. As announced on October 25, Quality Software Services Inc. (QSSI), whose Data Hub turned out to be one of the better functioning systems of the Obamacare Marketplace, was named as the general contractor for the rescue effort.  According to the Washington Post at the time, "details on the size of the contract were still being worked out."
    Recently, more details on that contract (treated as an extension to a 2007 Enterprise System Development contract) have become available and shed more light on HHS's own assessment of the situation less than one month after the website launch.  The documents paint a devastating picture of stunning incompetence three and a half weeks into the most ambitious domestic policy program in recent memory: 
During Healthcare.gov's first weeks of open enrollment, many Americans attempted to access the Marketplace and enroll in health insurance.  Due to numerous technical issues, such as hundreds of software bugs, inadequate hardware and infrastructure, and a general lack of system monitoring and incident response capabilities, the Marketplace could only support a fraction of all those who tried to register, apply, and enroll in a health plan.
    The estimated value to QSSI of the one-year contract extension is $50 million:

     Since the situation was deemed to be an emergency by HHS, the contract was awarded without the usual competition, as explained by the Justification and Approval document which cited the likelihood of "unacceptable delays."  A process that normally takes three months was accomplished in less than a day. QSSI's previous work with HHS on Healthcare.gov, as well as experience with "problematic program start-ups" such as the Medicare Part-D Prescription Drug program seven years ago.  HHS foresaw dire consequences if Healthcare.gov was not repaired in a timely manner, warning of "literally a life-or-death situation":
Timely availability of the Marketplace is critical for [uninsured] individuals to be able to obtain coverage by January 1st, 2014, as was specified within the [Affordable Care Act] legislation. For many of them, access to affordable healthcare is literally a life-or-death situation. 
    The contract specifies ten tasks to be performed by QSSI, including "Baseline Current Architecture and Code for all FFM [Federal Facilitated Marketplaces] Systems", "Establish Flexible Testing and Performance Testing Environments", and designing, establishing and maintaining a Healthcare.gov "dashboard" as a real-time tool to track the performance of Marketplace systems and subsystems.
    The Justification and Approval document was signed by nine different HHS officials up the chain of command, including the Chief Operating Officer of the Centers for Medicare and Medicaid Services, A. Michelle Snyder.  Snyder was the last to add her signature on December 20, which likely explains why the document was not posted online until December 23.

Note: A version of this article first appeared at The Weekly Standard.

Tuesday, December 24, 2013

Once Again, HHS Extends Obamacare Signup Deadline For January Coverage

    Even now that the December 23 deadline has passed, and even the informal one-day extension through Christmas Eve has also passed, the Healthcare.gov website is holding out hope that some may still sign up for coverage effective January 1, 2014.  A page entitled "Tips to help you enroll in Marketplace coverage" asks, "Couldn’t enroll by December 23?"  The answer reveals that calling the Marketplace Call Center and speaking to a representative could yield options that "include starting a new application over the phone to get coverage effective on January 1."

    Although the site indicates that enrollment by January 1 may still be possible "because of problems you had using HealthCare.gov," no further details are provided online about the specific qualifications for the exception.  Problems with Healthcare.gov have ranged from simply logging on to problems with subsidy calculations to enrollments not reaching insurance companies, but it unclear which problems merit special treatment and how consumers must prove they have experienced problems with the site.
    The Department of Health and Human Services (HHS) has not issued any additional guidance, so it is not apparent how Marketplace Call Center representatives determine if someone is eligible for an exception, or how insurance companies will be compelled to grant the January 1 effective coverage date.  An email to HHS requesting clarification has not been returned.

Saturday, December 21, 2013

Hay is For Horses... $90K Worth of Hay, Dept. of Interior

    In April 2013, I wrote a post for The Weekly Standard about a Department of The Interior $6 million contract for helicopter services related to the Wild Horse and Burro program run by the agency.  Part of that program involves capturing and corralling some of those animals for the Adopt-a-Horse program.  And based on another recently posted contract, those horses are hungry.
    There's an old expression that begins "Hay is for horses," and boy, is it ever.  The contract is for almost $90,000, which is apparently the going rate for 200 tons of alfalfa hay:

    A document accompanying the notice gives some background on the program:
 As resource conditions and other factors warrant, excess wild horses and burro [free roaming on public lands] are removed from the public lands and placed in facilities for preparation to be placed in private maintenance through the Adopt-A-Horse program... The Wild Horse and Burro program Southeastern States Office conducts approximately 12 satellite adoptions throughout the southeastern United States. The SSFO is also responsible for running the BLM Eastern States/Piney Woods Wild Horse and Burro Holding Facility. The facility is responsible for maintaining (feeding, veterinary care, etc.) approximately 150 animals.
    The award was granted only seven days after the initial solicitation appeared, so it's not clear how many bids the government received, and the "interested vendors" list requires a login. And how long does it take 150 wild horses and burros to chew their way through 200 tons of hay?  Since the last contract ($43,775 for 100 tons) was just awarded on July 31, 2013, late summer 2014 may be the last straw.

Friday, December 20, 2013

Obamacare 'Back End' Contractor Also Runs Troubled Medicare Website

    As the October 1 launch of Healthcare.gov drew closer, the Centers for Medicare and Medicaid Services (CMS) realized it was in trouble.  The agency, which is the primary Health and Human Services (HHS) department in charge of the implementation of the Affordable Care Act, decided in early August that the "specialized financial management services and expertise [needed were] beyond what was initially anticipated and beyond CMS' currently available resources," and that development and testing were "already minimally two months overdue."  By that time, the need for these so-called "back end" services had "reached an unusual and compelling level of urgency," and CMS awarded an emergency, no-bid contract for the work, as first reported by THE WEEKLY STANDARD in September.  After HHS initially responded with a promise of more information, the agency has ignored repeated requests for further details.  Reuters was stonewalled by the agency as well in a November story about the contract.
    To avoid the "severe consequences" that CMS feared would result from further delay, the agency turned to a current HHS contractor, Novitas Solutions, a wholly-owned subsidiary of Diversified Service Options, which is in turn a wholly-owned subsidiary of Florida Blue (Blue Cross/Blue Shield of Florida.)  Novitas already administers three different Medicare-related healthcare programs for HHS, including the Medicare Administrative Contract for Jurisdiction H, which covers seven south-central states.
    Coincidentally, Novitas launched a new website for Jurisdiction H on September 29, just two days before the launch of the main Obamacare site.  The new Jurisdiction H website has experienced problems reminiscent of those experienced by Healthcare.gov, and some of the "fixes" will not be in place until well into 2014.  In fact, the latest update from Novitas informed users that the Jurisdiction H website would be taken offline completely at 7 PM on Wednesday, December 18, for up to five hours for maintenance.
    A report on the website of the Oklahoma Hospital Association (OHA) on December 4 gave some details of the issues facing users of the troubled Novitas Medicare site:
Hospitals continue to experience problems stemming from system changes at Novitas Solutions, the Medicare Administrative Contractor (MAC) for Oklahoma and other south central states. 
Novitas launched a new website on Sep. 29. This was the most visible change stemming from the transfer of Novitas’ business operations platform from the data center of its former owner, Highmark, to that of Blue Cross and Blue Shield of Florida. 
As an example of the website problems, Novitas intended to display content for Part A and Part B separately. This is not working as planned. A manual process of splitting all website content is underway, with a completion goal of February 2014. 
While some of the website problems are apparent to users, more serious problems remain to be resolved behind the scenes in the MAC’s workflow management. David Vaughan, Jurisdiction H project manager for Novitas, told OHA that the system changeover caused a delay of a week or so during which Novitas was unable to use its imaging system. This created backlogs in processing documentation related to medical reviews and appeals. Although the backlog has been reduced, the problems have not been fully resolved.
    Unlike the government has done with Healthcare.gov, however, Novitas maintains a detailed  webpage listing the ongoing issues with the Jurisdiction H site.  The page asks users to "[p]lease pardon our dust as we continue to squash bugs and implement improvements on our new internet site." More than a dozen problems are listed as unresolved as late as Thursday, December 11, the last time the page was updated.  The issues range from web pages not loading properly to duplicate enrollment determination letters to long wait times for customer service.  Another item noted is the planned Interactive Fee Schedule Calculator which is still unavailable.  The status of that issue indicates that "[r]esolution of issues encountered since 9/30/13 is expected by mid-January" 2014.
    When asked for comment on the December 4 Oklahoma Hospital Association report, a spokesperson for Diversified Service Options, Novitas's parent company, wrote:
It is not a news story but an association update, so I have no comment on the Novitas website operation facts as they are stated. As mentioned by OHA, Novitas has been very transparent and proactive with providers, and listed the status of the operational problems.
    Inquiries to HHS/CMS about the Jurisdiction H website, as well as the original emergency, no-bid contract with Novitas for Obamacare-related financial services, continue to go unanswered.

Note: A version of this article first appeared at The Weekly Standard.

VIP Hotel and Vehicles for Mandela Funeral Trip More Than $11M

    State Department contract awards were posted this week for "Transportation services in support of Mandela Funeral" and "Accommodation in support of the Nelson Mandela funeral in South Africa."  The accompanying Justification and Approval documents estimated the cost of transportation at a maximum of $8,286,194.74.  The transportation contract covers only ground transportation in South Africa.  Costs for Air Force One and other air travel are not included.  Two contracts were listed for the cost of lodging: one for $2,042,850 for an estimated "3,240 lodging room nights" and another for $1,190,573 for an estimated "2,490 lodging room nights" stretching from December 6, 2013 to January 20, 2014.
    It is unclear from the documents if the lodging and transportation contracts covered just the president and his support staff, or if it included President Bush, Hillary Clinton, and other current and former government officials.  The transportation contract included passenger vehicles, SUVs, vans, buses, pickup trucks, box trucks, and "larger capacity vehicles":

    One lodging contract was for the Radisson Gautrain:

    The second hotel contract was for the Michelangelo Hotel:

    As is typical of such contracts, they were not open to competition due to security concerns.  Obviously, the short notice of the funeral arrangements complicated efforts even further.  Perhaps as a result of the urgency, a third hotel contract with an estimated cost of $1,110,980 was also posted on the same site for the same trip for the Da Vinci hotel:

    However, within two hours of the posting of that contract, the notice was updated with "cancellation notice - posted in error".
    According to The New York Daily News, the president was on the ground in South Africa for less than 13 hours, arriving and departing the same day, Tuesday, December 10.
    When asked about the contract, a State Dept. spokesperson referred questions regarding the President’s travel/arrangements to the White House press office. The White House press office has not yet responded to an inquiry about the contract and related travel arrangements.

Note: A version of this article first appeared at The Weekly Standard.

Wednesday, December 18, 2013

Obamacare Test Website is Publicly Accessible [Updated]

UPDATE: Shortly after a version of this post went up at The Weekly Standard, http://spa.healthcare.gov/ disappeared, apparently taken down by the website administrators.  However, a Google search still turns up hundreds of results, some with cached versions of pages from the "spa." site.

    The Healthcare.gov website has been plagued with bugs and other problems since the October 1 launch.  As web programmers often do, the designers of the federal government's flagship healthcare website have a test version of the site, test.healthcare.gov, to help work out the kinks before implementation on the public site.  Attempts to access this site are met with "Access Denied. You don't have permission to access 'http://test.healthcare.gov/' on this server."  However, another test version of the site, possibly set up in October after the launch, is readily accessible to the public: spa.healthcare.gov.
   When a user first attempts to access the "spa" site, a warning from the user's browser may be encountered. For example, the following warning appears to Chrome users:

    The "security certificate" for the site is registered to Akamai Technologies, which bills itself as the "leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere."  Akamai does not list Healthcare.gov or the Department of Health and Human Services (HHS) as a client, though Akamai has been identified as handling server and web traffic duties for the site.
    Some pages on the site simply mirror the main www.healthcare.gov site, such as the home page.  However, some pages on the main site (https://www.healthcare.gov/find-premium-estimates/) are met with a "Sorry, we can't find that page" message on the "spa" site (https://spa.healthcare.gov/find-premium-estimates/).  The login page on the "spa" site does not even open, but rather returns "An error occurred while processing your request" message.
    It is unclear why this "spa" site would be publicly accessible.  A web designer, who requested not to be named, asked about security concerns of the "spa" site wrote:
Well it does have the https (ssl) option, however the certificate that is installed is for the wrong domain so you will get a warning/have to accept etc. Certificate details below. It is common practive to create a "duplicate" site for testing and development. I do it all the time, however, common practice is to restrict access to the development/testing site. I always password protect etc the [non-production] site. To me it just seems like more sloppy work.
    Congressional testimony given on November 19 by internet security firm TrustedSec mentioned a security concern with the "spa" site:

    It is unclear if the security concern indicated by TrustedSec is still present currently on the site.

NOTE: A version of this article (before the update) first appeared at The Weekly Standard.

Monday, December 16, 2013

Defense Dept. to Spend Up to $4B for R&D on Combating Weapons of Mass Destruction

    A Request For Information by the defense department's Defense Threat Reduction Agency (DTRA) in July 2011 culminated this month in contract awards to seven different companies worth up to $4 billion over the next ten years.  The contract awards, posted in a notice entitled Combating Weapons of Mass Destruction Research and Technology Development, went to some well known defense contractors including Raytheon and Northrop Grumman.  Despite the $4 billion ceiling, the contracts come with a guaranteed minimum of only $100,000 for each of the seven companies as the work will be parceled out on an Indefinite Delivery/Indefinite Quantity (IDIQ) basis, which is typical in these types of projects.
    The documents with the original Request For Information give the background on the project:
The mission of the DTRA Research and Development (RD) Enterprise is to reduce national defense and homeland security WMD threats by conducting innovative research and development supporting the nation's WMD-related counterforce, consequence assessment, defeat and arms control objectives. Potential WMD threats include Chemical, Biological, Radiological, Nuclear, and High Explosive (CBRNE) materials. In support of this mission, the RD Enterprise is seeking a multiple-source capability for performing research, technology development; technical, scientific and program analyses; and systems integration efforts that will provide scientific and technological solutions to meet the Department of Defense’s nonproliferation, counterproliferation, consequence management and warfighter mission objectives.
    The process stretched over more than two years and included various briefing, an Industry Day for potential contract recipients, and dozen of revisions and amendments.  And the Defense Department is not through.  Just a day after the awards were released, the DTRA announced another Industry Day as part of its "market research" entitled "Countering Weapons of Mass Destruction Situational Awareness,Intelligence, Operations, and Data Visualization Support" to be held December 17 in Arlington, VA.

Note: A version of this article first appeared at The Weekly Standard.

HHS Contractors Conference: "The Good, The Bad, & The Ugly"

    Two days before Secretary of Health and Human Services (HHS) Secretary Kathleen Sebelius announced on December 11 that she was ordering a comprehensive investigation into the reasons behind the Obamacare launch debacle, HHS announced an upcoming Contracting with CMS Conference with topics such as "The Good, The Bad, & The Ugly of Contract Proposals."  Based on Sebelius's testimony before a Congressional committee, her agency's experience with contracts in recent years have included less of the former and more of the latter.  CMS (Centers for Medicare and Medicaid Services) is the division of HHS that was largely responsible for hiring contractors to develop and run the federal government's Obamacare Marketplace.
    The investigation ordered by Sebelius will center around the agency's work with contractors, because, the secretary wrote, "HHS is the third largest federal contracting agency, and CMS alone spent $5.3 billion in 2013 on contracting engagements."  Three actions were ordered by Sebelius, each involving the contracting process:
  • Inspector General, Dan Levinson, is to "review the acquisition process, overall program management, and contractor performance and payment issues related to the development and management of the HealthCare.gov website."
  • A new position will be established, Chief Risk Officer, whose "first assignment will be to review risk management practices when it comes to IT acquisition and contracting," and report back within sixty days.
  • The agency will "update and expand CMS employee training on best practices for contractor and procurement management, rules and procedures."
    The timing of Sebelius's announcement is interesting since the Contracting with CMS Conference is to be held on January 31, 2014, which falls within the 60 day window set by Sebelius for the new Chief Risk Officer to report back to the secretary.  A flyer advertising the conference promotes not only "The Good, The Bad, & The Ugly of Contract Proposals," but "Good News Stories by Contractors" and "Why Past Performance is Important", as well:

    As reported by THE WEEKLY STANDARD in October, the conference was originally scheduled for November 4, 2013, but was abruptly cancelled less than two weeks prior to that date with no explanation.  A "save the date" notice was posted on November 21 for the January 31, 2014 date.  Since the investigation ordered by Sebelius will overlap the conference, it seems likely a second postponement may be in the offing since the very contracting process that is the subject of the conference will still be under review by HHS.
     Also, given that Sebelius's actions were likely under consideration for some time prior to the December 11 announcement, it is curious that the agency still went ahead with the conference announcement.  That in itself may be a question for the investigators to consider as they, in Sebelius's words, seek a "better understanding the structural and managerial policies" that led to the "flawed and simply unacceptable" launch of Healthcare.gov.

Note: A version of this article first appeared at The Weekly Standard.

Sunday, December 15, 2013

HHS Awards Another $58M for Obamacare Navigators

    The same day Health and Human Services (HHS) Secretary Kathleen Sebelius was testifying before Congress about the troubled Obamacare website Healthcare.gov and the improvements being made to it, her agency announced grants of $58 million to 1,157 community health centers to allow them to "expand their enrollment assistance efforts as more Americans enroll in affordable health insurance coverage."  These grants come on top of $150 million previously given to such health centers to "support outreach and enrollment activities" for Obamacare.  From the press release:
“Today’s awards build upon the efforts of health centers across the country as uninsured Americans gain health insurance coverage,” Secretary Sebelius said.  “This investment means that health centers can provide expanded assistance for people in communities nationwide looking for resources to help them understand their insurance options and enroll in affordable coverage.” 
With these awards, health centers will be able to meet immediate needs, including expanding the hours of existing outreach and enrollment assistance workers, and hiring new or temporary outreach and enrollment assistance workers.  Today, health centers operate more than 9,000 service delivery sites nationwide and serve more than 21 million patients annually. 
“Having more opportunities for face-to-face enrollment assistance from trusted resources at local health centers means that more people will get the help they need to sign up by the end of the open enrollment period on March 31, 2014,” said Health Resources and Services Administration (HRSA) Administrator Mary Wakefield, Ph.D, R.N.

Note: A version of this article first appeared at The Weekly Standard

Tuesday, December 10, 2013

HHS Document: Cyber Threat Monitoring Increased 500% in Eight Months

    Concerns have increased over the security of personal information collected by the Department of Health and Human Services (HHS) as the volume of personal data has multiplied dramatically with the implementation of the Affordable Care Act, or Obamacare.  Security experts have testified before Congress about flaws they have uncovered at Healthcare.gov, and various press reports have related other potential problems with the website or with information flowing to the Federal Services Data Hub that could be exploited by hackers and identify thieves.  An HHS document dated December 5 describing a more than 500% increase in the monitoring of cyber threat indicators since April 2013 may only increase those concerns.
    The document states that the agency's Computer Security Incidents Response Center (CSIRC) has experienced more than a five-fold increase in the number of "indicators" monitored by the center in just the last eight months alone.  To cope with the potential threats from this vast increase in data, HHS intends to negotiate a sole-source contract to Cyber Squared, an Arlington, VA, cyber security firm after allowing less than four days (including a weekend) for responses from other interested firms, and even explicitly states that HHS is not soliciting competitive quotations.  HHS describes the apparently urgent need for upgraded threat monitoring as follows:
In the past eight months the number of indicators monitored by the CSIRC has grown well over 500 percent. With the inclusion of the federal Healthcare Threat Operations Center (HTOC) information sharing data from HHS CSO, VA-Network Security Operations Center (VA-NSOC), and the Space and Naval Warfare NSOC for Medical Health Systems (SPAWAR NSOC (MHS), the ability to analyze and correlate this much data requires the use of Threat Connect to be effective and efficient in combating cyber threats. This capability will allow for the joint collection and tracking of internally and externally derived indicators more efficiently as well as facilitate the analysis and correlation of a threat.
    Some of the terminology used in this document raises questions about the scope of the monitoring. For instance, although the document references the "Healthcare Threat Operations Center (HTOC)", the federal government's 2013 Information Sharing Services annual report to Congress makes no mention of the HTOC among the five Federal Cybersecurity Centers, nor is there any other reference to a "Healthcare Threat Operations Center" on the HHS website or any other government website.  References to each of the other potential data sources can be found on various government websites and documents.
     The notice regarding ThreatConnect was posted by HHS at 3:42 PM on Thursday, December 5, and stated that responses would be needed by 8:00 AM, Monday, December 9.  The documentation accompanying the notice does not explicitly mention the Affordable Care Act or Healthcare.gov, but emails sent Thursday to the listed contracting officer and the HHS press office requesting clarification have not been returned.

Note: A version of this article appeared first at The Weekly Standard.

Sunday, December 8, 2013

It's Official: Obamacare Website Will Not Accept Online Payments

    With all the other problems experienced by consumers at Healthcare.gov, actually making payments for plans selected has gotten relatively little attention until recently.  As the end of the year draws closer, however, the importance of making a payment to secure coverage by January 1 has increased.  As recently as November 18, a Healthcare.gov chat representative told THE WEEKLY STANDARD that the site "may give you [the online payment] option when you complete your enrollment", but that "We are still experiencing some technical difficulties with the website, which is why it would be best to possibly go through the insurance company to make your first premium payment."
    Instructions at Healthcare.gov on making premium payments are ambiguous at best.  The following appears under the question, How Do I Apply for Marketplace Coverage? [emphasis added]:
Enroll. After you choose a plan, you can enroll online and decide how you pay your premiums to your insurance company. You must pay your premium by the date the insurer provides before your coverage can begin. Coverage can begin as soon as January 1, 2014. 
Despite saying "decide how you pay your premiums," no options are actually listed.
    However, a blog post at HHS.gov on Wednesday removed any doubt.  Payments may not be made through the Healthcare.gov Marketplace.  Now HHS says "you must pay your premium to the insurance company directly – not to the Health Insurance Marketplace."

    This recent blog post suggests that the "technical difficulties" with online payments could not be overcome, and so the option will not be available.  The government has repeatedly refused to respond to questions about the status of work related to an emergency, no-bid contract for "financial management services" awarded in August that would presumably handle online payments, part of the "back end" that HHS has indicated is far from complete.
    The federal insurance marketplace is not the only one experiencing problems with accepting payments.  The State of Maryland announced back on November 8 that since "[a]ccepting payment is not required of a state-based marketplace, and the Board approved deferring this option until after the core items are addressed."

Note: A version of this article first appeared at The Weekly Standard.

Vice President Biden's $583K Shangri-la Hotel Bill in Singapore

    Vice President Joe Biden's $585,000 hotel bill for a Paris visit early in 2013 focused a lot of attention on the issue of the high cost of VIP travel.  Even as Biden is currently on a swing through the Far East, the State Department has posted a $583,000 contract with the Shangri-la Hotel in Singapore for the vice president's three-day/two-night stay this past July, his most recent Far East visit.  Though the online Justification and Approval document is somewhat poor quality, it indicates a need for a hotel "to host a VIP visit of over 250 guests at during the principal's visit," the "principal" in this case being the vice president:

    Not all such contracts for VIP travel expenses are released by the government, although when they come, the releases always lag behind the trip dates for security reasons.  Security concerns are also the reason for the lack of "full and open competition" that is often required on government contracts.  When asked for comment regarding the requirements of posting travel-related contracts, a State Department spokesperson responded via email:
Federal acquisition requirements for posting contract awards related to Presidential and Vice Presidential Travel to FedBiz Ops are that any contract for more than $150,000 should be posted within 30 days of the contract award date. 
    The above contract was awarded on July 18, 2013, but was not posted until December 4, 2013, which amounts to 139 days.  When asked to comment regarding the delay in posting this and other such contracts, the spokesperson replied:
The Department takes our obligations under the Transparency Act very seriously, and strives for complete, timely reporting from all of our missions worldwide.

Note: A version of this article first appeared at The Weekly Standard

Tuesday, December 3, 2013

State Department Buys Million Dollar Granite Sculpture from Irish-Born Artist

    At the end of September, the federal government's fiscal year was drawing to a close, the threat of a shut down was increasing, and the State Department was shopping for art.  Four contracts were awarded in the last two weeks of September, including $1,000,000 for a granite sculpture by Irish-born artist Sean Scully to be installed at the new U.S. Embassy in London.  Notice of the awards was posted Sunday afternoon of Thanksgiving weekend on the Federal Business Opportunities website.
    Although the form of the Scully sculpture is not identified in the award notification, the artist has produced granite sculptures before, including this one entitled "Wall of Light Cubed 2" in 2008:

    The remaining three awards include a bronze sculpture, "Flowers", by American artist Donald Baechler ($150,000), for the new U.S. Embassy in Islamabad, Pakistan; a mosaic mural by Miotto Mosaic Art Studio in Carmel, NY ($150,000), for the U.S. Embassy in Brasilia, Brazil; and a work entitled "The Black Arch" by Saudi Arabian writer Raja Alem and artist Shadia Alem, for the new U.S. Consulate in Jeddah, Saudi Arabia.
    When asked for comment on the contract awards, a State Department official provided the intended destinations for the artwork, as well as the following statement:
The Department of State’s Office of Art in Embassies curates permanent and temporary exhibitions for U.S. embassy and consulate facilities. For the past five decades Art in Embassies has played a leading role in U.S. public diplomacy with a focused mission of cross-cultural dialogue and understanding through the visual arts and artist exchange.  Art in Embassies is a public-private partnership engaging over 20,000 participants globally, including artists, museums, galleries, universities, and private collectors, and encompasses over 200 venues in 189 countries.
The art pieces listed below will become part of the collections at diplomatic posts and in some cases, comply with host city planning requirements that art be incorporated within the design scheme and displayed in public spaces.  These pieces are permanent purchases, not on loan.
    The State Department's 2013 budget request included $2.5M for the Art in Embassies program.

UPDATE: A State Department official emails to say, "Sean Scully was born in Ireland, but is now an American." This post has been updated to reflect that fact.

Note: A version of this article first appeared at The Weekly Standard.http://www.weeklystandard.com/blogs/state-department-buys-million-dollar-granite-sculpture-irish-artist_769513.html

President Obama: "My Website's Not Working"

    In an interview with Barbara Walters on Friday, President Obama again acknowledged problems with the roll out of the Affordable Care Act website Healthcare.gov (via CNN).  At one point, the president referred to Healthcare.gov as "my website" [emphasis added]:
Obama has taken responsibility for the website's flaws, saying he should have been told earlier about the serious issues with HealthCare.gov's digital infrastructure. He's also apologized for his vow that people who liked their plans could keep them. 
In Friday's interview, Obama said he was looking for answers soon on why the rollout failed so spectacularly. 
"Obviously my most recent concern has been that my website's not working," Obama said. "We're evaluating why it is exactly that I didn't know soon enough that it wasn't going to work the way it needed to. But my priority now has been to just make sure that it works."
    November 30 was the original date the government had announced for website issues to be resolved, but the Wall Street Journal is reporting that the Saturday deadline is likely to be missed.

Note: A version of this article first appeared at The Weekly Standard.

Saturday, November 30, 2013

Report: Security Concerns at U.S. Embassy in Belarus

    The terrorist attack against the U.S. diplomatic post in Benghazi, Libya on September 11, 2012, awakened renewed interest in the security of overseas consulates and embassy facilities.  A recent report by the State Department's Office of the Inspector General spotlights some major concerns regarding the safety of American diplomats and staff in Minsk, Belarus, as well as the security of communications.  The report notes that some progress has been made during the last year, but more remains to be done.
    The report lays out the difficult conditions for the diplomatic mission in Belarus, noting that to visit the "Embassy Minsk is to step back in time to an era when American diplomats in Eastern Europe operated in inhospitable environments."  The government of Belarus is often hostile and imposes severe restrictions, including a five-person limit on American staff.  This has produced a ratio of five Americans to 119 locals staff members, too high by normal standards, and has also resulted in the five Americans (down from 35 in 2008) serving long hours and often double duty.  The limit remains despite assurance from the Belarus government that it was only temporary, and is largely responsible for the staff's inability "to comply with numerous security, consular, information technology, reporting, and management requirements..."
    The American staff is generally praised by the Inspector General for excellent work and ingenuity under difficult conditions.  For instance, the report relates an incident where consul foiled "the kidnapping of an American citizen by repeatedly calling his cell phone until the kidnappers, alarmed by the U.S. Government label appearing on his phone’s screen, released him unharmed." Additionally, the chargé d’affaires is credited with improving security since arriving in 2012:
The chargé has also reinforced embassy security measures. When he arrived at post in 2012, access control was haphazard. Badges were not issued to visitors, and the local guard force used familiarity as a criterion for granting personnel access to the compound. The chargé and management officer/post security officer moved quickly to implement the required access control policy and procedures. The chargé has also worked with the Kyiv-based RSO to enhance mission security.
   Security concerns, however, remain as noted elsewhere in the report:
The 2012 chief of mission controls statement of assurance noted that a physical security survey has not been performed within the past 3 years. As discussed earlier in the report, there are serious facilities, [portion redacted] deficiencies that did not appear in the 2012 statement. The OIG team stressed that, in preparation for the 2013 statement, it is important that the mission review, document, and establish an improvement plan to resolve current deficiencies. 
    Because the main facility (the "chancery") is in a state of disrepair and a $34 million planned renovation is on hold, all embassy business must be conducted from an annex.  This as well as the intrusiveness of the government of Belarus makes conducting private communication virtually impossible.  The report notes that communications security is non-existent:
Embassy Minsk staff members, both American and local, are subject to regular harassment by the Belarusian security services. American staff residences have been entered surreptitiously. The embassy and all U.S. and Belarusian staff are under constant physical surveillance...
The embassy does not have classified communications. Staff members operate on the assumption that everything sent on unclassified systems or spoken on the telephone is monitored by Belarusian security services and other local security agencies.
    Restrictions and sanctions against Belarus by the U.S. and other countries make it important for diplomatic staff to keep a close eye on visas granted by the embassy:
The United States has also imposed sanctions on Belarus under several additional laws and executive orders, These sanctions include travel and financial sanctions and asset freezes against officials who have undermined democratic processes and against state-owned and other companies that have supported proliferation of weapons of mass destruction or money laundering. The European Union also maintains a broad range of sanctions against individuals and firms. 
    However, the same five-person staff limitation imposed by the host country has caused concerns about visa referrals issued by the embassy:
Senior embassy officials have made inappropriate visa referrals. Host government limitations on American staff numbers in Minsk have forced most Belarusians to apply for visas outside Belarus. With referrals affording the only access to a Minsk interview for many visa applicants, the referral program is unusually vulnerable to misuse.
    Other concerns are raised in the report as well, including one redacted in its entirety, as shown here:

    The State Department, first under Hillary Clinton and now John Kerry, instituted worldwide security reviews of diplomatic facilities after the Benghazi attack and in response to the subsequent report from the Accountability Review Board.  Although some advances have apparently taken place, this report on the Minsk embassy shows that security at foreign facilities is far from ideal.

Note: A version of this article first appeared at The Weekly Standard.

Obama: 'Sometimes People Forget I'm Not Running for Office Again'

    At a stop in San Francisco on a three-day fund raising swing along the West Coast, President Obama said during a speech that "...sometimes people forget I'm not running for office again."  The president was talking about Republicans in Congress and the immigration reform that he is trying to get through the House:
And some of them even forget that I'm -- sometimes people forget I'm not running for office again.  Michelle doesn’t forget.   (Laughter and applause.)  So you don’t have to worry about this somehow being good for me.  This is good for the country.   It's the right thing to do for the American people. 
    A remark the president made at his first stop on the tour, the Seattle home of Jon Shirley, may give some insight into why some forget the president isn't running again:
Well, first of all, let me just thank Jon for the second time for his incredible hospitality.  And I think it’s fair to say that between Nancy and me and Steve Israel, we do a lot of events.  I will say that this particular space is one of the more spectacular venues for an event.
    The president's schedule lists several Democrat party events for Monday alone:

Note: A version of this article first appeared at The Weekly Standard.

For Thanksgiving, Federal Government Targets ... Pumpkin Pie?

    Remember the old song, There's No Place Like Home for the Holidays?  The federal government has a rewrite in mind for this Thanksgiving: "I met a man who lived in Tennessee and he was heading for Pennsylvania and some homemade pumpkin pie a big bowl of fresh fruit." At least that's the implication from the Department of Agriculture's (USDA) new infographic:

    Among other suggestions are replacing butter with bananas or applesauce for baked goods and cutting back on the gravy.

Note: A version of this article first appeared at The Weekly Standard.

Obamacare Website Scrubs References to Online Functions of SHOP

    Though news of a one year delay in the online Small Business Health Options Program (SHOP) marketplace just broke early Wednesday afternoon (via Politico), Healthcare.gov wasted no time in updating the page on the website dealing with online functions of SHOP, though there is no notation that the page was revised.  The page, formerly titled "How do I apply for coverage in the SHOP Marketplace?" has been revised to "How do I enroll in coverage through the SHOP Marketplace?" and has been scrubbed of all references to online enrollment and even online account creation.  Here is a portion of the page as it currently appears:

    As early as this morning, the page appeared this way:

    Notably, archived versions of the page in question are not available, because "webcrawlers" used by search engines such as Google have been blocked by what is known as a "robot.txt" page on the site.  (THE WEEKLY STANDARD had a screenshot of the SHOP coverage page on file prior to Wednesday's revision.) As shown here, the SHOP apply-for-coverage page and several others have been blocked from archiving by Healthcare.gov:

    The same thing was done in mid-September to the "creating an account" page when the Account Creation feature was taken offline weeks before the October 1 launch.
    A related question, "How do my employees sign up for SHOP?" has been removed entirely and is met with a "Sorry, we can't find that page" message.  That page has appeared as follows:

    An archived version of that page is still available.

Note: A version of this article first appeared at The Weekly Standard.

IRS Program Allows Employees to Access IRS Data on Personal Smartphones

    The Internal Revenue Service is conducting a pilot program allowing IRS employees to use personal smart phones to access government email accounts and other work related information.  The program is known as Bring Your Own Device (BYOD), and the Treasury Inspector General for Tax Administration (TIGTA) has raised concerns about the security and cost-effectiveness of the program in a recent report:
TIGTA expressed concern that the IRS allows BYOD devices access to resources on the IRS network in addition to e-mail access. This increases the risk that privacy and taxpayer data could be compromised. TIGTA also raised concerns about allowing devices based on the Android operating system to participate in the BYOD pilot, because these devices are more subject to malware than the Apple devices tested in earlier phases. 
“A Bring Your Own Device program could provide significant benefits and even potential cost savings,” said J. Russell George, Treasury Inspector General for Tax Administration. “However, the IRS must conduct a thorough, realistic cost-benefit analysis before such a program’s benefit can be appropriately ascertained.”
Among the recommendations made by TIGTA are restricting the program to email access only, and delaying Android-device access completely until a risk assessment addressing security concerns is conducted.  The IRS agreed with all of TIGTA's recommendations except the Android device delay.  TIGTA remains unsatisfied with the IRS's response to the findings in the report:
TIGTA believes that some of the corrective actions proposed by the IRS are inadequate because they are contingent on BYOD expansion or additional funding. The relevant controls should be put in place for the existing BYOD effort, which does not have a clear end date and which is being used by hundreds of employees and devices within the production environment.

Note: A version of this article first appeared at The Weekly Standard

Monday, November 25, 2013

National Intelligence 'R' Us

    I performed a public service today for the Office of the Director of National Intelligence.  This tweet appeared this morning:

    Unfortunately, "KRNS"stands for "KNOWLEDGE REPRESENTATION IN NEURAL SYSTEMS", not "reputation," as seen at the link.  I helpfully pointed this out via a tweet of my own:

    A few minutes later:

    Hopefully this incident will not inflict lasting damage on the agency's representation, er, reputation.

HHS Plans to Spend Up to $7B to Find Ways to Reduce Costs Under Obamacare

    The Department of Health and Human Services revealed on Wednesday a plan to spend up to $7 billion to find ways to reduce spending under the Affordable Care Act while maintaining or improving the quality of health care.  The solicitation for bids for this wide-ranging project appeared today on the Federal Business Opportunities website:
The purpose is to develop a Research, Measurement, Assessment, Design, and Analysis (RMADA) IDIQ [Indefinite Delivery, Indefinite Quantity] to respond to expanded needs of the Patient Protection and Affordable Care ACT (ACA) and Health Care reform ACT (HCERA). The work awarded under the RMADA will involve the design, implementation and evaluation of a broad range of research and/or payment and service delivery models to test their potential for reducing expenditures for Medicare, Medicaid, CHIP, and uninsured beneficiaries while maintaining or improving quality of care.
     While the contract is to be an IDIQ contract, meaning that the quantity of work is variable and therefore the price to be paid is not fixed, documents accompanying the contract indicate the maximum is set at $7 billion over the life of the contract:

    While HHS has contracted out such research and modeling work before, the documents suggest that the implementation of the Affordable Care Act has added a new element to this type of project:
The need for analyses based on real time claims and utilization data is a unique factor that distinguishes today’s evaluation of models as opposed to prior demonstrations... Furthermore, because Innovation Center models often include collaboration among multiple payers and other entities, the current evaluation approaches will need to account for the need to gather, coordinate, and analyze private payer and other private data sources. In addition, evaluations involving other entities, such as payers, should plan to examine the role of CMS as a convener and how the model is received by both participating and non-participating affected parties.
    Interested parties have until January 14, 2014 to respond.

Note: A version of this article first appeared at The Weekly Standard.

White House Responds to Criticism of Restrictions on Press... With A White House Photo of Photographers

    On Thursday, a scathing article by Ron Fournier entitled "Obama’s Image Machine: Monopolistic Propaganda Funded by You" ran at National Journal taking the White House to task for shutting out press photographers from presidential events in favor of official White House photos taken by White House photographer Pete Souza.  The article, which received wide play on Thursday, included numerous examples of the superior access Souza has over the press photographers, such as this:

    The frustration is exemplified in the opening anecdote in Fournier's piece:
New York Times photographer Doug Mills strode into Jay Carney's office Oct. 29 with a pile of pictures taken exclusively by President Obama's official photographer at events the White House press corps was forbidden to cover. "This one," Mills said, sliding one picture after another off his stack and onto the press secretary's desk. "This one, too – and this one and this one and … ." 
The red-faced photographer, joined by colleagues on the White House Correspondents' Association board, finished his 10-minute presentation with a flourish that made Carney, a former Moscow correspondent for Time, wince. 
"You guys," Mills said, "are just like Tass."
    Late on Thursday, the White House, as if in response to the criticism, released a photo by Pete Souza -- a photo of photojournalists covering the signing of two bills, the Streamlining Claims for Federal Contractor Employees Act, and the Veterans' Compensation Cost-of-Living Adjustments Act of 2013, neither exactly marquee legislative achievements for the president:

    Perhaps the next time Doug Mills enters Jay Carney's office, he'll find a framed print of this photo on Carney's desk.

Note: A version of this article first appeared at The Weekly Standard.

Playing Chess With Iran

    To hear Obama administration officials tell it, Iran got snookered at the bargaining table in Geneva.  The description of the deal worked out between the P5+1 and the world's largest supporter of terrorism is so one-sided, it's a wonder the foreign minister of Iran will be allowed back into his home country.  Two unnamed senior administration officials held a background conference call with reporters early Sunday morning after Secretary of State Kerry addressed the press about the deal.  Here are a few of their remarks:
  • So these are very important concessions and the most significant progress that has been made in halting the progress of the uranium program in a decade...
  • Along with those agreements come an unprecedented transparency and intrusive monitoring of the Iranian program...
  • This is much more extensive monitoring than we have today, and it is a significant portion of this agreement...
  • So, taken together, again, a halt of activities across the Iranian program, a rollback in certain important elements, and extensive and intrusive monitoring...
  • First and most importantly, [Iranian sanctions] relief is limited, temporary, targeted, and reversible. It is designed so that the core of our sanctions, the sanctions that have had a tremendous bite -- the oil, banking and financial sanctions -- all remain in place. So in that very important respect, this deal is limited...
  • Second, the relief that Iran gets under this agreement is insignificant economically...
  • Iran is not back in business and anyone who makes the mistake of thinking so I think will be met with some serious consequences...
  • The deal that was struck is very limited in terms of the additional business that Iran can engage in...
  • So just looking at oil revenue alone, Iran will actually be worse off at the end of this six-month deal than it is today...
    And all of this while still explicitly acknowledging "Iran’s state sponsorship of terrorism, its destabilizing role in the Syrian conflict, and its abysmal human rights record[.]"  What is in this deal for Iran?  What motive does the regime that still publicly calls for Israel's destruction have?
The purpose of sanctions were not to just have sanctions in place. They were to change the calculus of the Iranian government. We began to see that with the election of a new President who ran on a mandate to achieve sanctions relief through a more moderate foreign policy towards the West. And we had an opportunity, the best opportunity we've had in five years, to test whether we could get an agreement through diplomacy.
    The situation calls to mind an amateur chess player who has just taken an important piece in a game with a grandmaster. "Did you see that?  I took his rook! He's in trouble now!" Meanwhile, the grandmaster is saying, "Wow... never saw that coming!" but a smile is visible behind his eyes as he envisions the endgame twelve moves in the future.  If Iraq, Afghanistan, Libya, Syria and Egypt are any indication, the Obama administration will once again be shaking its head and saying, "But things were going so well..." This time, however, the endgame could be the worst outcome yet: a nuclear Iran.

Saturday, November 23, 2013

Three Month Grace Period Mandated for Delinquent Consumers Who Receive Obamacare Subsidies

    Though the Obama administration has been promoting the benefits of Obamacare for several years now, one perk of coverage through the exchanges that has gone largely unnoticed is a mandated three-month grace period for unpaid premiums.  The rule, however, only applies to those receiving subsidies via tax credits advanced to the insurers by the government (§155.430 and §156.270 of the Code of Federal Regulations.)
    Perhaps most notable about the rule is that, as long as a consumer has paid at least one full month's premium during the year, the insurer must continue to pay claims for services rendered during the first month of the grace period after a premium goes unpaid.  Further, even if coverage is eventually terminated, the effective date must be the last day of the first month of the grace period. The consumer thus receives a free month of coverage for which no direct premium was paid.  The insurer is compensated only to the extent of the advance payment of the tax credit for that month.  The tax credits for the second and third months of the grace period, which the insurer is mandated to continue to collect from the government, must be returned to the government if coverage is ultimately cut off.
    Other burdens relative to delinquencies are placed on the insurers as well.  The insurer must notify not only the consumer of past due status, but HHS as well.  Also, while any claims submitted during the second and third month of the aforementioned grace period may be held by the insurer pending payment from the consumer, the insurer is required to notify providers that claims may be ultimately denied if the grace period expires.
    The regulations do not specify a minimum subsidy required for this regulation to take effect, so even a consumer whose subsidy represents only a small portion of the monthly premium may benefit from the extended grace period.  Also not spelled out in the rules is whether the insurer has any legal recourse for the unpaid premium for the month during which coverage was extended.  Nor is it clear if HHS has recourse against the consumer for the tax credit paid to the insurer for that same month.
    The implementation of the advance payments of tax credits to insurers on behalf of consumers is one of the tasks of Obamacare's financial management system, which is still under development as Deputy Chief Information Officer Henry Chao for the Centers for Medicare and Medicaid Services (CMS) told Congress on Tuesday.  Chao testified the system was approximately 60% complete.  However, as we reported on Thursday, the contract for the financial management system was just awarded this past August on a no-bid, emergency basis.  At the time of the award, CMS admitted that its acquisition of "contractor financial services to assist CMS in developing and testing its Marketplace financial activity implementation solution is already minimally two months overdue[.]"  It is not clear if the 60% figure Chao used on Tuesday includes the testing of the system or simply the development phase.
    Less than six weeks remain before the system will need to go live and, among a multitude of other financial tasks, begin remitting funds to insurers on behalf of consumer who purchase coverage through the exchanges.  CMS does not appear to have an alternative if the system is not ready.  In CMS's own words from the August contract award notification, the consequences, "financial and other," of such a failure would be "severe."

Note: A version of this article first appeared at The Weekly Standard.

UPDATE:  After I wrote my article for The Weekly Standard, I found that Reason had already covered this topic earlier in November.

Friday, November 22, 2013

Government Remains Silent on Emergency, No-Bid Obamacare Financial Management Contract

    Even before the October 1 launch, concerns were mounting over the ability of the government to handle the implementation of the Affordable Care Act (ACA), or Obamacare.  Though many expressed those concerns publicly, insiders at the White House, Health and Human Services (HHS), and the contractors hired to design and run the site and its programs were largely silent about potential pitfalls, or at least downplayed them.  However, some internal memos and reports have since come to light as the "glitches" mounted.  But at least one red flag is hiding in plain sight, and the impacts of the serious concerns expressed in an HHS document first reported on by THE WEEKLY STANDARD on September 16 are still looming against a fast-approaching January 1 deadline.
    In testimony before Congress on Tuesday,  Deputy Chief Information Officer Henry Chao for the Centers for Medicare and Medicaid Services (CMS) addressed a heretofore largely overlooked element of the federal government's role in Obamacare's ongoing functions: what happens beginning in 2014.  The website roll out problems have obscured the larger issue of the ongoing responsibilities of CMS.  But, as Politco reports, Chao spoke to some of those issues on Tuesday:
Financial management tools remain unfinished, he said, particularly the process that will deliver payments to insurers... 
The functions need to operate correctly so insurers can enroll the right people in the right plans. That process, called reconciliation, has to work so people can get the care they seek starting as early as Jan. 1. 
...“back office” functions, including accounting and payment systems, were not yet complete.
    Last Thursday, President Obama said that the problems of Healthcare.gov stem from the fact that it is "very complicated.  The website itself is doing a lot of stuff."  While there may be room for debate about whether Healthcare.gov rivals Amazon or Travelocity in complexity, arguably the real work of the ACA still lies ahead: this financial management of ACA functions over the long haul to which Chao referred.  While the current functions of the website may be complex, the financial management functions that CMS needs to have in place by January 1 are far more involved.  Details of these functions and the concerns CMS expressed about its readiness and ability to carry them out are contained in a Justification and Approval that accompanied the awarding of a no-bid, emergency contract to Novitas Solutions, Inc. in early August of this year.
    THE WEEKLY STANDARD in September reported the $11.6 million contract award, noting that in early August CMS had recognized that the "specialized financial management services and expertise are needed beyond what was initially anticipated and beyond CMS' currently available resources," and that development and testing, at that point less than two months from the October 1 launch and less than five months from the January 1 effective date of new coverage, were "already minimally two months overdue."
    The document is remarkable both for its dire warnings and its candor. CMS disclosed that the need had "reached an unusual and compelling level of urgency. The prospect of a delay in implementing the Marketplace by the operational date of January 1, 2014, even for a few days, would result in severe consequences, financial and other..." and "...if payments are not made and debts are not collected, with critical consideration given to timeliness, accuracy and integrity, the Agency's implementation and operation of the Marketplace and the Affordable Care Act will certainly be jeopardized."  These statements are part of a rather lengthy narrative describing the tenuous position in which CMS found itself, but it is worth an extended look to appreciate the magnitude of the task with which CMS believed it was faced and the level of CMS's concerns regarding the dire circumstances that would likely result from any further delay [emphasis added]:
Since enactment of the Affordable Care Act and establishment of the new Marketplace, CMS has been actively developing and refining new and existing procedures and requirements to ensure the successful implementation and operation of the new, complex Marketplace. Throughout every phase of implementing such a large and dynamic program of a kind that has never been done before and as requirements and procedures are being developed and are emerging, CMS continues to learn, evolve and gain insight. As the deadline for implementing the new Marketplace nears, the Agency has been assessing and testing its plan and solution for implementing the new Marketplace. With every unknown and variable encountered, CMS has been leveraging resources and changing, refining and retesting its solution, to not only ensure that the Marketplace is operational on January 1, 20l4, but to ensure that this vital part of the Affordable Care Act is operating effectively and efficiently with as little complication as possible. CMS has recently learned that specialized financial management services and expertise are needed beyond what was initially anticipated and beyond CMS' currently available resources... 
With the impending and mandated October 1, 20l3 Marketplace enrollment and January 1, 2014 go-live deadlines nearing, CMS' need for contractor-provided financial management services has reached an unusual and compelling level of urgency. The prospect of a delay in implementing the Marketplace by the operational date of January 1, 2014, even for a few days, would result in severe consequences, financial and other. The effect of those consequences would most importantly be measured by the impact to the estimated millions of Americans and small businesses that have no health care today or access to affordable health care. Furthermore, if payments are not made and debts are not collected, with critical consideration given to timeliness, accuracy and integrity, the Agency's implementation and operation of the Marketplace and the Affordable Care Act will certainly be jeopardized.
In addition to the urgent and compelling nature of this requirement and the potential for financial and other harm to the Government if the Marketplace is delayed, regrettably CMS does not have enough time to conduct a full and open or limited competition. Acquiring contractor financial services to assist CMS in developing and testing its Marketplace financial activity implementation solution is already minimally two months overdue; therefore, the contractor will be working under an accelerated and fast-tracked schedule...
    The document goes on to describe how CMS arrived at the decision to award the no-bid contract to Novitas, a contractor that already does a considerable amount of work for CMS.  The approval was signed by no fewer than nine CMS officials, up to and including  Chief Operating Officer A. Michelle Snyder.
    The type of work to be done by Novitas is quite extensive and is itemized in the project description:
The contractor shall provide financial management, accounting and reporting services in support of CMS' administration and oversight of the Marketplace financial activities and functions using CMS' accounting system, the Healthcare Integrated General Ledger Accounting System (HIGLAS) to include: accounting, printing and mailing, tracking of accounts receivable and accounts payable, documenting funds collected by CMS, data validation, activity reporting, debt management functions, application of receipts to appropriate transactions, referral of debt to the Department of the Treasury (Treasury), specified batch payment functions in HIGLAS, and systems interface testing and support for HIGLAS functionality.
     The contract announcement and accompanying documents are not completely clear how these activities translate into functions to carry out the ACA and support Healthcare.gov. For example, regulations governing the marketplaces say that an "Exchange may establish a process to facilitate through electronic means the collection and payment of premiums to QHP issuers."  It remains unclear if Healthcare.gov offers such a facilitation process yet, or if that feature will be activated later. (Maryland recently announced that its state-run exchange was indefinitely suspending the bill-pay feature.)
    In any case, as another example, CMS will be responsible for facilitating the payment of the advance tax credits for consumers receiving government subsidies for their plans.  The regulations describing that one function alone reveal a complex formula to determine how, when, and to whom the funds should be remitted, and notifications and other requirements regarding the disposition of the credits.
    However, since the exact nature of the contractor's work remains unclear, we contacted CMS on September 26 to ask for clarification on the contract, and how the work related to the ACA and its functions.  The following email was received in reply:

    However, despite repeated followup email requests, no further information has been received from Mr. Olague or anyone else at CMS in the seven intervening weeks.  A similar email to the contractor, Novitas, was answered promptly, but the company declined to provide further details and referred questions back to CMS.
    The lack of proper operational and security testing of Healthcare.gov that was revealed in the last month and a half give rise to serious questions about the readiness of other areas under CMS's purview related to Obamacare.  Though the agency acknowledged back in August that development and testing were "already minimally two months overdue," there has been no  publicly available update on the status of the Obamacare financial management system until Chao's rather vague testimony on Tuesday that the system may be 60% or so complete.  Without some level of transparency from CMS, the public has no way of knowing if CMS's warnings of "severe consequences, financial and other" will materialize, or whether concerns that the "Agency's implementation and operation of the Marketplace and the Affordable Care Act will certainly be jeopardized" have been adequately addressed.

Note: A version of this article first appeared at The Weekly Standard.