Tuesday, January 28, 2014

Emergency $8.7M Contract Awarded on Eve of Healthcare.gov Launch

    In a stunning admission, a recently released government document reveals that the original contract for Healthcare.gov contained no "specific concurrent user performance requirement".  The federal government's online marketplace was plagued from the outset, in part due to the lack of ability to handle the amount of traffic to the site.
    Less than a week before the long-anticipated launch of the Obamacare marketplaces, testing revealed that the cloud computing services needed for the operation of Healthcare.gov and the Data Services Hub could only handle 20% of the projected traffic beginning October 1.  The Centers for Medicare and Medicaid Services (CMS) executed an $8.7 million contract modification on September 30 with Terremark Federal Group in an attempt to rectify the situation.  The Justification document for the modification claims that CMS "could not have anticipated the need"  before the testing conducted on September 26, because the original "task order did not have a specific concurrent user performance requirement":
CMS could not have anticipated the need to add these additional services. Previous resource estimates gave CMS reasonable assurance that the capacity procured through this order was sufficient for the expected demands. CMS learned through performance and stress testing conducted on September 26, 2013 that the Terremark cloud would only be able to handle about 10,000 concurrent users. This was far short of the expected peak traffic of 50,000 concurrent users. The task order did not have a specific concurrent user performance requirement. OIS quickly realized that the cloud services would have to be expanded in order to be able to meet the expected user demands. 
    While the documents authorizing the contract modification were signed by those immediately responsible on September 30, months passed before signatures were obtained for those farther up the chain of command.  Some signatures were added throughout November, but the final signature, that of then-Chief Operating Officer Michelle Snyder, was not added until December 18.  Snyder retired at the end of 2013.
    The $8.7 million modification increased the value of the Terremark contract from $37.3 million to $46 million.  CMS believed that without the additional capacity, the "Exchanges would not function as designed and citizens would not be able to comparison shop for affordable health care insurance." Internal emails at CMS from the week preceding the launch revealed the major testing debacle when the system could not even handle 10,000 concurrent users, much less 50,000, but the emails do not appear to directly reference this cloud computing contract modification.  Subsequent events, however, confirmed CMS's fears, although lack of capacity was far from the only problem ultimately faced by the troubled website.

Note: A version of this post first appeared on The Weekly Standard.

White House Deletes Blog Post Warning Against Marijuana Legalization; Since Restored [see update]

    Monday morning, the Office of National Drug Control Policy (ONDCP) blog at Whitehouse.gov posted an entry entitled: "Support for National Association of School Nurses' [NASN] Position on the Legalization of Marijuana."  However, the original link for the post is now meet with a "Sorry, the page you're looking for can't be found" message, and the most recent post on the ONDCP blog is dated January 20.
    The main thrust of the deleted entry is that the NASN agrees with the Drug Enforcement Agency (DEA) that "the overwhelming evidence" is that "any change in the legal status of marijuana, even if limited to adults, could affect the prevalence of use among adolescents."
    The president raised eyebrows recently by downplaying the dangers of marijuana, even by young people:
As has been well documented, I smoked pot as a kid, and I view it as a bad habit and a vice, not very different from the cigarettes that I smoked as a young person up through a big chunk of my adult life. I don’t think it is more dangerous than alcohol.
    The president went on to say in the same New Yorker interview that it is "important for [legalization of marijuana] to go forward":
[President Obama] said of the legalization of marijuana in Colorado and Washington that “it’s important for it to go forward because it’s important for society not to have a situation in which a large portion of people have at one time or another broken the law and only a select few get punished."
    The deleted blog post is still available via a Google cache, which shows how it appeared on Whitehouse.gov for part of the day on Monday:

    The full post reads as follows:
Support for National Association of School Nurses' Position on the Legalization of Marijuana 
Posted by David Mineta, Carolyn Duff and Mary Louise Embrey on January 27, 2014 at 09:00 AM EST 
The Office of National Drug Control Policy (ONDCP) joins school nurses across the country to express our support for efforts that promote wellness and good health outcomes for our Nation’s children, including the prevention of substance use disorders. ONDCP shares the concerns of school nurses regarding the harmful effects of marijuana use among young people. Given research indications that marijuana is harmful to the developing brain,[1] we are especially concerned about the repercussions of use on the health, safety, and education of adolescents. On January 27, 2014, based on overwhelming scientific evidence, the National Association of School Nurses (NASN) Board of Directors adopted an official position statement[2] outlining the negative impact of marijuana legalization on the health of students. ONDCP supports NASN in bringing attention to this issue.
School nurses are present in 75 percent of the Nation’s schools, so many are in touch with substance use trends within the school and greater community and are able to make educated assessments when students visit their offices.  The school nursing profession has more than 100 years of experience, and school nurses know first-hand that healthy, drug-free children learn better! As more and more states consider the legalization of marijuana, school nurses are compelled to continue providing their students with the facts on the multiple physical and behavioral health consequences of marijuana use. Access to marijuana by young people and the impact of its use on the developing brain continue to be matters of concern for both ONDCP and NASN. 
Together, we recognize that adult influencers, including parents, school nurses, teachers, counselors, and other support personnel in the academic setting, are key to helping adolescents understand the connection between good health practices and educational achievement.  There is grave concern that marijuana use, given its impact on cognitive development, motor skills, and attention, will be detrimental to the learning environment for our young people. We encourage professionals in all health fields, parents, educators, and communities to get involved with this issue. We all must work together to reduce marijuana use and prevent substance use disorders among our young people. 
David Mineta is Deputy Director for Demand Reduction at ONDCP. Carolyn Duff is President of the National Association for School Nurses, and Mary Louise Embrey is the NASN Consultant on Substance Abuse Prevention.

[1] Meier MH, Caspi A, Ambler A, Harrington H, Houts R, Keefe RS, McDonald K, Ward A, Poulton R, Moffitt TE.  Persistent cannabis users show neuropsychological decline from childhood to midlife. Proc Natl Acad Sci U S A. 2012, Aug 27. 
It is the opinion of the NASN that marijuana is properly categorized by the DEA under Schedule 1 of the Controlled Substance Act.  NASN recognizes the overwhelming evidence that “any change in the legal status of marijuana, even if limited to adults, could affect the prevalence of use among adolescents.”
    The ONDCP's fact sheet on marijuana on the White House website says:
The Administration steadfastly opposes legalization of marijuana and other drugs because legalization would increase the availability and use of illicit drugs, and pose significant health and safety risks to all Americans, particularly young people.
    Emails to the White House press office and to the National Association of School Nurses inquiring about the deletion of the blog post have so far gone unanswered.

UPDATE: A public affairs official at ONDCP emails to say that the post is now back up: "Saw your post on the standard re: our blog on school nurses.   Was an administrative issue - It was posted prematurely by our web team ahead of the resolution, but it’s back up now that the resolution formally passed.  Here’s the link: http://www.whitehouse.gov/blog/2014/01/24/support-national-association-school-nurses-position-legalization-marijuana"

Note: A version of this post first appeared at The Weekly Standard.

Friday, January 24, 2014

Security Expert: Attacker Can Host Any Content Under Healthcare.gov Umbrella

    A security expert who has testified before Congress and spoken in the media about vulnerabilities in the Healthcare.gov website has weighed in on the website's latest security issue, which was first reported Thursday by THE WEEKLY STANDARD.  David Kennedy, the CEO of TrustedSec, an information security firm, said that the unintended opening at Healthcare.gov detailed in Thursday's story would allow malicious scammers to fool users with a "website that’s legitimate to make them believe its something else."  He said the existence of this potential pitfall on the site is "absolutely amazing," and added that "an attacker can basically create a functioning website and host any content they want there and under the umbrella of healthcare.gov."
    At issue is the profile feature of the data.healthcare.gov section of the website that allows anyone to set up a custom made page intended to host "data-sets" based on the insurance plan information database on the website.  Users can sort, group and otherwise manipulate the data to create unique presentations based on various criteria.  However, the lack of disclaimers and other safeguards allow marketers, or worse, scammers and identity thieves, to establish what appears to be legitimate Healthcare.gov webpages which can be used to redirect users to other sites.
    A fuller explanation of the problem, complete with examples of offending profiles, can be found in Thursday's story; but an example of how the profile feature can be misused was set up for this story and can be seen here:

    The feature even made it possible to upload a clipping of an actual Healthcare.gov graphic to give the page an even more genuine look.  Experienced users of the data-set feature would not be fooled, but unsuspecting users directed to the page by a link beginning with "https://data.healthcare.gov" contained in an email or another website could easily be duped into believing they had accessed a government sanctioned webpage.  Links contained in the profiles contain no disclaimers or warnings and could be used to redirect users to sites where personal and financial information could be harvested.
    TrustedSec's Kennedy noted that by Friday morning, the ability to create a data-set profile via the Healthcare.gov website had been removed since the original story ran on Thursday. However, he pointed out that this may not solve the problem.  Profiles can still be set up at opendata.socrata.com, the website that facilitates the data-set function for Healthcare.gov.  It is not clear at this time, however, if those new profiles can be accessed publicly with a data.healthcare.gov address.  Accounts set up before Friday are still accessible at Healthcare.gov.
    Kennedy also pointed out that other profiles have been set up for simply comic purposes at the site.  One is titled The Bieb, complete with Justin Bieber's recent mug shot.  Another is called William "I love bacon" Shakespeare with a picture of the bard looking quite shocked.  However, the real possibility of innocent users of Healthcare.gov having their personal information or identities stolen is no laughing matter.  The longer the profile feature remains inadequately safeguarded and monitored, the more likely that someone simply looking for health insurance will get far more, or rather lose far more, than he bargained for.

UPDATE: Shortly after this story posted Friday morning, Healthcare.gov disabled access to all data-set profiles.  Attempts to view a profile are redirected back to data.healthcare.gov.  However, cached pages of the profiles are still available at archive.org, such as here and here.

Note: A version of this post first appeared at The Weekly Standard.

Thursday, January 23, 2014

Opportunistic Marketers Exploit Opening at Healthcare.gov

    At least three marketers of health-related or insurance products and services have taken advantage of the "data-set" feature at Healthcare.gov to give themselves a virtual presence on the federal government's Obamacare site.  The ability to use a web address containing "healthcare.gov" may lend credibility and even imply endorsement by the government.  An informational website about schizophrenia called Schiz Life and a company hawking an anti-wrinkle skin product called Vivexin have both used the "profile" feature of data.healthcare.gov to introduce users to their services and products, as well as direct users to their respective websites.  A third profile even offers "universal life insurance" from No Exam Insurers.
    Here is an example of one of the profiles in question:

    The information is presented in a rather clinical fashion, but all the profiles contain links further down on the pages that direct users to websites where more information is given and, in some cases, products can be ordered.  There is no disclaimer anywhere on the profile pages that the information presented is not endorsed by Healthcare.gov, nor is there the customary warning found on many government websites that the pages contain "an external link that is not the responsibility of, or under the control of" the federal government.  
    The addresses of all three profile pages begin with "https://", which indicates a secure browser connection, providing further reassurance that the pages are a legitimate offering of the Obamacare site.  The "https://" is followed by "data.healthcare.gov", which is the domain also used for legitimate and intended purposes by the site's administrator and other registered users.  Thus, anyone could set up a similar profile (conceivably with more malicious purposes than these three sites appear to have) and proceed to advertise their data.healthcare.gov link on another website or in an email.  The Healthcare.gov address could easily influence the uninformed to believe that they are accessing government-sponsored webpages, leaving them wide open to "phishing" attacks where identity thieves extract personal and financial information from the unsuspecting.
    The three profiles described above appear to violate the terms of service of data.healthcare.gov which prohibits "Unsolicited promotions, political campaigning, advertising or solicitations."  However, at least one of the profiles has been around for weeks, possibly longer.  Also, there is evidence that a fourth profile promoting an anxiety-reducing and/or weight-loss product has been directly linked to by external websites.
    The "data-set" feature of Healthcare.gov was established to allow users to sort and present the health insurance plans and data used by the site in various ways that might be helpful to those looking for a plan or those researching trends and patterns in the health insurance marketplace.  The site provides details of the different ways the data can be manipulated and even published.  There are a number of apparently legitimate users who have established profiles and created their own data sets.  The profiles even include social-media-type features such as photos and "followers."  But as is the case everywhere on the internet, without adequate safeguards and monitoring, there are always those who will subvert the intended purpose of a given website if given an opening.  As the cost of Healthcare.gov approaches half a billion dollars, it is clear more money is not always the answer.  When it comes to earning the trust of the public, Healthcare.gov obviously has more work to do.

Note: A version of this post first appeared at The Weekly Standard.

Wednesday, January 22, 2014

Ban Ki-moon to Conference on Disarmament: "Arm Yourself With the Spirit of Blue Horse"

    When United Nations Secretary-General Ban Ki-moon addressed the Conference on Disarmament in Geneva, Switzerland on Monday, he did so against the counsel of some of his senior advisers.  He had some tough words for the assembly, suggesting they were captive to "old-think", warning them not to "hide behind utopian logic", and reminding them that the group had "remained unable to begin substantive negotiations" since at least 2011.
    But the Secretary-General also had some encouraging, if unconventional, words for the Conference as well, involving an imaginary animal: a blue horse.
Let me begin by wishing you all the best for the happy new year.  In my part of the world, 2014, this year has been designated the “year of the blue horse”.  
A horse represents of course vigour and speed – and a blue horse of course is an animal of imagination... 
Even though your mandate is to disarm, today, I say, “Arm yourself, arm yourself with the spirit of blue horse and run.  Run fast and run far.”
    Despite the Secretary-General's exhortation, if the past is any guide, the Conference on Disarmament will continue to find its goal as elusive as that mythical blue horse armed with its spirit or not.

Tuesday, January 21, 2014

Director of National Intelligence Counterterrorism Map Misspells 'Israel'

    The Office of the Director of National Intelligence released its interactive 2014 Counterterrorism Calendar this week on the website of the National Counterterrorism Center.  The map provided with the calendar contains an embarrassing error, misspelling the name of the US's closest ally in the Middle East, Israel, as "Isreal."  The error can be seen by hovering over the tiny country with a computer's mouse:

    Israel is included in the map because of the activity of Hamas.  Information on that group is available in a pop-up window where the name of the country is spelled correctly:

    Despite Israel's inclusion on the larger map, three other countries are missing [circles added]:

    Libya and Tunisia are not labeled or highlighted on the map despite the State Department's recent designation of Ansar al-Shari’a groups in both countries as Foreign Terrorist Organizations.  The designations were announced on January 10, and the map was not released until January 14.  Also unlabeled on the map is Iran, recognized as one of the leading state sponsors of terrorism in the world.  The following appears in the State Department's most recent Country Reports on Terrorism:
In 2012, there was a clear resurgence of Iran’s state sponsorship of terrorism, through the Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF), its Ministry of Intelligence and Security, and Tehran’s ally Hizballah, who remained a significant threat to the stability of Lebanon and the broader region. Attacks in Europe, Africa, the Middle East, South Asia, and the Far East were linked to the IRGC-QF or Hizballah. In fact, Hizballah’s terrorist activity has reached a tempo unseen since the 1990s with attacks plotted in Southeast Asia, Europe, and Africa.
UPDATE: A spokesman for the National Counterterrorism Center (NCTC) writes: "Thank you (and Mr. Bier) for highlighting the typographical errors associated with our online interactive calendar. We’ve provided these edits to our graphics team who will correct the programming as soon as possible." He also notes that map was released by NCTC, not the Office of the Director of National Intelligence. NCTC reports to the Director of National Intelligence.

Note: A version of this article first appeared at The Weekly Standard.

Friday, January 17, 2014

What Happens in the Middle East Stays in the Middle East

    White House Press Secretary Jay Carney was asked this week about the Obama administration's reaction to Iran's foreign minister laying a wreath at the tomb of an infamous Hezbollah terrorist in Beruit, Lebanon.  In response, Carney quoted the statement issued by National Security Council spokesperson Caitlin Hayden:
MR. CARNEY:  Well, I’d say a couple things.  On the matter of the Iranian foreign minister honoring Imad Mugniyah, the United States condemns the decision taken by the Iranian foreign minister to place a wreath at the grave of a former leader of the Lebanese Hezbollah responsible for heinous acts of terrorism that killed hundreds of innocent people, including Americans.  The inhumane violence that Mugniyah perpetrated and that Lebanese Hezbollah continues to perpetrate in a region with Iran’s financial and materiel support has had profoundly destabilizing and deadly effects for Lebanon and the region.
The decision to commemorate an individual who has participated in such vicious acts and whose organization continues to actively support terrorism worldwide sends the wrong message and will only exacerbate tensions in the region....
    But then Carney went further to put the incident in the context of the administration's current diplomatic engagement with Iran:
So our disposition has not changed on these matters.  And that's why it’s so important to be clear that the actions that Iran takes, the steps it takes to either comply with or not comply with commitments it makes are what we judge Iran by -- not by statements meant for a domestic audience or by promises rather than action.  So we’re going to press forward. 
    Notice two things in Carney's response.
    First, there is the odd wording of Hayden which Carney quoted: "the United States condemns the decision taken ... to place a wreath..."  Why "condemn the decision" as opposed to condemning the action itself?  The administration is finding fault with Iran's decision-making process first and foremost that "sends the wrong message" rather than its commemoration of a dead terrorist responsible for the deaths of scores of Americans and others.
    Second is Carney's assertion that the United States does not judge Iran "by statements meant for a domestic audience."  Carney seems to be implying that the wreath laying was meant for domestic consumption in Iran and the broader Arab Middle East, and that the Obama administration is not going to judge Iran on such things, but only on actions specifically related to the recently announced nuclear deal.
    The unconscionable action of the Iranian foreign minister demanded unequivocal condemnation by the United States and perhaps even that the world's leading state sponsor of terrorism be made to pay a price for pouring salt in decades-old wounds.  Instead, Iran was criticized for bad PR.  For years, the enemies of Israel and the U.S. have had one message (in English) for the West, and another (in Arabic) for domestic audiences.  The Obama administration essentially reminded Iran to stick to the script.

Thursday, January 16, 2014

Kerry: Poverty is "Root Cause of Terrorism" in "Many Cases"

    Secretary of State John Kerry covered a broad range of topics with his counterpart Pietro Parolin at the Vatican in Rome on Monday.  Besides Syria, the Middle East peace process, Sudan and Cuba, the subject of poverty came up during their discussions.  In remarks following the meeting, Kerry linked poverty to not only terrorism, but to the "disenfranchisement of millions" [emphasis added]:
We talked about the common interest of Pope Francis and President Obama in addressing poverty and extreme poverty on a global basis. The United States of America is deeply involved in efforts in Africa and in other parts of the world – in Asia, South Central Asia – to address this poverty, as is the Catholic Church. And so we have a huge common interest in dealing with this issue of poverty, which in many cases is the root cause of terrorism or even the root cause of the disenfranchisement of millions of people on this planet.
     Kerry's statement echoes comments he made in October 2013 at the Global Counterterrorism Forum after terrorist attacks in both Nairobi, Kenya, and Peshawar, Pakistan: "Getting this right isn’t just about taking terrorists off the street. It’s about providing more economic opportunities for marginalized youth at risk of recruitment."

Note: A version of this article first appeared at The Weekly Standard.

Monday, January 13, 2014

State Dept. Won't Identify "Specific Scenarios of Noncompliance" in Iran Deal

    Yesterday, the Obama administration announced an agreement regarding Iran's nuclear program had been reached.  But a statement about the enforcement of the deal made by a senior administration official during a background briefing on Sunday, however, is likely to further worry critics of the deal.  The official declined to cite a single example of an "individual instance of noncompliance" that would trigger the reversal of the sanctions relief put into effect by the deal:
QUESTION: ... If Iran violates any part of this deal, does the deal come to an end immediately? I know you said that there would be more sanctions. But what specifically does it mean for the deal?...
SENIOR ADMINISTRATION OFFICIAL ONE: ... I think the bottom line is this agreement is based on the two sides taking steps that fulfill their commitment, and the implementation plan provides for a roadmap for the timing and sequencing of those steps. I couldn’t speculate onto specific scenarios of noncompliance. What I would say, though, is that if Iran does not comply with the agreement, then the relief that they’ve accessed as part of the agreement is reversed. And we have said that we would move to impose additional sanctions, including working with Congress to do so.
So the short answer to your question is yes, if we were to assess that Iran had not complied, then they would not be able to access the relief that they’re slated to get through this agreement, and we would move to additional sanctions. Now, the specifics of those scenarios remain hypothetical, so at this point, I wouldn’t want to speculate as to what an individual instance of noncompliance is.
    The official went on to say, "Our hope and expectation is that Iran will comply."

Note: A version of this article first appeared at The Weekly Standard.

Saturday, January 11, 2014

Paid Obamacare Enrollment Data Likely Not Released Until February

    The Obama administration has come under fire for weeks now for selectively releasing "enrollment" data for Healthcare.gov and the state exchanges.  The latest figure of 2.1 million was met with skepticism by many observers, even some who are sympathetic to the administration.  Based on previously published guidance for insurers by the Centers for Medicare and Medicaid Services (CMS), however, it is likely any data the administration has on paid enrollments is substantially incomplete.
    On October 3, two days after the launch of Healthcare.gov, CMS published a document called "Federally Facilitated Marketplace Enrollment Operational Policy & Guidance."  The manual begins with a preamble that reads in part:
This draft manual will go into effect with minimal changes as of October 1, 2013. All enrollments made on or after October 1, 2013, must be processed in accordance with these requirements. It is CMS’ intention that this will be a living document, updated regularly, and supported by clarifying bulletins in the interim between updates.
    Although CMS says the manual will be "updated regularly", it appears from the Regulations and Guidance page of CMS's website that the October 3 draft of the manual is the most recent version.  That same page does, however, include various updates relating to the Affordable Care Act, including one just issued on December 31.
    The pertinent guidance relating to the reporting of enrollment data is found in the October 3 draft manual in Section 2.4 Relationship between Premium Payments and the Confirmation/Effectuation 834 Transaction. Some of this guidance is already outdated, such as these statements: "Issuers do not have the ability to grant grace periods for payment of the initial month’s premium" and "...issuers may receive payments the day prior to the enrollee’s coverage effective date."  Once it became clear that January 1 coverage would be jeopardized for many due to problems with the website, CMS worked with insurers to extend payment due dates to January 10 in some cases.  California, which operates its own exchange, extended the payment deadline to January 15.  Several Blue Cross Blue Shield plans, including Illinois and Texas, have extended their deadlines all the way to January 31 according to a Wednesday report from Reuters.
    The portion of the guidance from the October 3 manual that directly impacts the timing of reporting, which technically only applies to the Federally Facilitated Exchanges (FFEs) but practically speaking would affect the state exchanges also, reads as follows [emphasis added]:
For purposes of generating the confirmation transaction, full payment occurs when the issuer receives full payment... of the portion of the premium for which the enrollee is responsible. We realize that some enrollees will wait until just prior to their coverage effective date to make payment, and therefore issuers may receive payments the day prior to the enrollee’s coverage effective date. In such circumstances issuers may not be able to transmit all confirmation transactions prior to the coverage effective date. However, the FFM expects QHP and QDP issuers to send all confirmation transactions by the fifth calendar day of the effective month of coverage. 
    Under the original guidance, this would have meant all insurers would have been required to send confirmations to CMS by January 5.  However, with the payment deadlines extended to as late as January 31, those insurers presumably have until as late as February 5 to transmit the confirmation of paid enrollments for coverage effective January 1 to CMS.  Again, although this guidance applies specifically to FFEs, state exchanges will need to transmit confirmations to CMS as well in order to have tax credit subsidies processed and paid to insurers.  As noted in the guidance, insurers must send confirmations after receiving payment from consumers and not wait for the balance of the payment from ant government subsidy.  It is unclear when and how those subsidies will be remitted to insurers since the "back end" of the system is apparently still under construction.
    February 5 may actually be an optimistic estimate of when complete paid enrollment data will be available.  The following diagram is from a March 2013 version of a CMS document regarding transaction information in the FFEs:

    Although revisions of this process will have changed the information flows illustrated by this diagram, the inclusion of information from state exchanges will certainly not make the accumulation of aggregate enrollment data any simpler.  The public may have to wait until mid-February or later to find out the true Obamacare enrollment as of its January 1, 2014 debut.

Note: A version of this article first appeared at The Weekly Standard.

Thursday, January 9, 2014

HHS "Corrects" Obamacare Rule, Waives Comment Period and 30-Day Delay

    On New Year's Eve day, a Department of Health and Human Services (HHS) rule correction was entered in the Federal Register related to an Affordable Care Act rule that had been finalized two months earlier.  The published version of the rule entitled (in part) ‘‘Patient Protection and Affordable Care Act; Program Integrity" , subpart M (‘‘Oversight and Program Integrity Standards for State Exchanges’’), failed to include a cross-reference to the small business health options program (SHOP) Exchanges section of the regulations. This "technical nonconformity" meant that SHOP's were not subject to the new rule.  Since HHS believed the intent of the original rule was clear, the correction was made without the usual comment period and 30-day delay before the rule would take effect in 2014.
    The substance of the correction is explained in the Federal Register as follows:
On page 65095, in the Federal Register of October 30, 2013, we added subpart M ‘‘Oversight and Program Integrity Standards for State Exchanges’’ to the regulations text at 45 CFR part 155. While it was clear from the preamble and regulations text that subpart M applies to all Exchanges, including small business health options program (SHOP) Exchanges, due to an oversight we inadvertently omitted cross-referencing new subpart M at § 155.705(a) of the regulations in part 155, subpart H—Exchange Functions: Small Business Health Options Program. Accordingly, we are revising § 155.705(a) so that the regulations in part 155 consistently reflect our policy that all Exchanges, including SHOP Exchanges, must carry out the required functions of an Exchange that are set forth at subpart M. We are correcting § 155.705(a) by adding a cross reference to subpart M, so that the provision reads, ‘‘Exchange functions that apply to SHOP’’. The SHOP must carry out all the required functions of an Exchange described in this subpart and in subparts C, E, K, and M of this part, except..."
    The notice explains that the comment period and 30-day delay may be waived "if the Secretary finds for good cause that the delay is impracticable, unnecessary, or contrary to the public interest, and incorporates a statement of the findings and the reasons therefor in the rule issued."
    In late November, the Obama administration announced that online enrollment for the federally facilitated SHOP's would be delayed for a year due to problems with the Healthcare.gov site.  The SHOP program, however, is still available to businesses through brokers, and is also available for businesses in states operating their own online insurance exchanges.

Note: A version of this article first appeared at The Weekly Standard.

Wednesday, January 8, 2014

Eric Holder: School Fights are "Relatively Minor Transgressions"

    Wednesday, Attorney General Eric Holder gave a speech at Frederick Douglas High School in Baltimore, MD.   I wrote about the announcement of the appearance at The Weekly Standard earlier in the day.  The event was billed as "Solutions to Enhance School Climate/Improve Discipline Policies and Practices".  Holder was there with Education Secretary Arne Duncan as part of President Obama's anti-gun violence initiative launched in response to the Sandy Hook Elementary School shooting.
    Part of the president's plan was to "disseminate best practices on school discipline policies and to help school districts develop and equitably implement their policies."  In fleshing out this proposal, Holder made a rather strange, even alarming, statement:
As it stands, far too many students across the country are diverted from the path to success by unnecessarily harsh discipline policies and practices that exclude them from school for minor infractions.  During critical years that are proven to impact a student’s later chances for success, alarming numbers of young people are suspended, expelled, or even arrested for relatively minor transgressions like school uniform violations, schoolyard fights, or showing “disrespect” by laughing in class.
    Holder's formulation conflates "schoolyard fights" with school uniforms violations and laughing in class, clearly a false equivalence.  While the latter two items might be characterized as "relatively minor transgressions," does a physical altercation really fit the bill?  Fights do not begin spontaneously - usually there is an aggressor, which probably indicates an assault and battery has occurred.  Certainly not all fighting in school rises to the level of arrest, but shouldn't suspensions or even expulsion be on the table?  And has anyone ever really been arrested, or even expelled, for a uniform violation or laughing in class?  Unlikely.
    Why would Holder muddy the waters in this way?  How does preventing violence in schools square with downplaying the seriousness of... violence in schools?  As I pointed out in my Weekly Standard post, the whole Baltimore event seemed predicated on the idea that unfair, discriminatory, and ineffective school discipline could lead to gun violence.  If Holder truly subscribes to that line of thinking, he should stop trying to get schools to go easy on violent offenders by comparing them to the merely disrespectful and dress code violators.

Tuesday, January 7, 2014

Healthcare.gov Still Promoting Coverage Effective January 1 [Updated]

    Six days into the new year and fourteen days after the extended December 23 deadline, the federal Obamacare website Healthcare.gov is still holding out hope of coverage beginning January 1 to some consumers.  The notice, which first appeared on December 24 (the unofficial extra-extended deadline), advises consumers who had "problems" with the website to call the Marketplace Call Center which may offer the option of "starting a new application over the phone to get coverage effective on January 1."

    No additional details are given about what type of "problems" might qualify one for the special treatment or what kind of proof might be required from consumers that they experienced a qualifying problem.  Also unclear is how the government could require an insurer to offer coverage retroactive to January 1 to a consumer who began a "new application" almost a week past the effective coverage date.
    A Healthcare.gov chat agent contacted late Sunday night said that the option is no longer available, and that the "earliest your coverage could start now is February," yet the notice has not been removed.  An email to the Health and Human Services press office about the website page offering coverage effective January 1 was not immediately returned.

UPDATE: Some time on Tuesday, the website was updated to remove the above message.  It was replaced with this:

    The change was not notated.

Note: A version of this article (before the update) first appeared at The Weekly Standard.

Monday, January 6, 2014

FDA Seeking Gum Chewing Tester

    The Food and Drug Administration is seeking a small business to potentially supply the federal agency with a chewing gum tester.  Despite the frivolous sounding nature of the announcement, the search is a serious one, and apparently a growing need.  Chewing gum-based pharmaceuticals (such as nicotine gum) are already in use in the United States, and the FDA is looking for a way to measure the dosage and delivery (dissolution) of the medication in such products.
    The FDA is not looking for just any chewing gum tester, but the Erweka DRT-3 (or its equal), manufactured by Erweka, a German company that produces pharmaceutical and life-science testing equipment.  The DRT-3 can be seen in action here.
    According to the documents accompanying the notice, the FDA may be looking to establish a standard for testing chewing gum-based pharmaceuticals on the assumption that the gum-based method of drug delivery may become more widely used:
Currently, there is no official method (USP or FDA) to test medicated chewing gum products, and it is unclear for FDA reviewers on how to approve such drug products if similar applications are coming in the future...
The DRT-3 chewing gum dissolution tester will be evaluated and used to develop methods for drug release from commercial chewing gum products. The requested instrument will greatly enhance our dissolution testing efforts by evaluating new technology and validating testing methods. All these efforts will greatly support CDER’s NDA/ANDA review process on this special dosage form in the future.  
    The FDA has some very specific criteria in mind for its gum chewing tester, including:
  • The angular displacement of the upper jaw shall be adjustable between 10° – 180°, movement frequency adjustable between 20 - 60 cycles per minute.
  • Distance of upper and lower jaw in closed position adjustable -between 0-10 mm.
  • Jaws shall be acid proofed stainless steel with blasted surface for a better grip.
There is no requirement that the machine must be able to walk and chew gum at the same time.

Note: A version of this article first appeared at The Weekly Standard.

Saturday, January 4, 2014

Obamacare Contractor Blamed for Slow Medicare Payments to Hospitals

    The contractor building the financial management system for Healthcare.gov is being blamed by a Houston hospital for delayed Medicare reimbursements that have caused the hospital to miss payrolls for weeks. Novitas Solutions is the federal government's new Medicare payment processor for the south-central region of the country hired by the Centers for Medicare and Medicaid Services (CMS), a division of the Department of Health and Human Services (HHS.)  ABC's KTRK in Houston reports:
According to the CEO Jason Leday, more than 150 employees haven't been paid in nearly a month. 
"I understand that they have children and a house payment, bills. Not getting paid is wow," nearby resident Theresa Gutierrez said. 
The hospital is strapped for cash not because its not making money, but because Leday says a new Medicare payment facilitator named Novitas Solutions is taking too way long to pay out Medicare claims to the hospital. 
Leday says he's owed nearly $3 million in payments from Medicare and can't make payroll...
The Texas Medical Association says they are familiar with complaints like this one regarding the medicare payment facilitator- and a representative told us smaller community hospitals like this one are in similar situations. 
    Novitas also runs the south-central region's Medicare website which was launched just two days before the October 1 launch of Healthcare.gov.  As THE WEEKLY STANDARD reported on December 19, that site has experienced problems reminiscent of Healthcare.gov's troubles, and the site will not be fully operational until well into 2014.
    Novitas's direct connection to Healthcare.gov stems from an emergency, no-bid contract for "financial management services" awarded in August and first reported by THE WEEKLY STANDARD in September.  The services required included accounting, tracking of accounts receivable and accounts payable, documenting funds collected by CMS, and data validation, among other things.  CMS justified the no-bid award because the "prospect of a delay in implementing the Marketplace by the operational date of January 1, 2014, even for a few days, would result in severe consequences, financial and other" and that the services required were "beyond what was initially anticipated and beyond CMS' currently available resources."
     Novitas did not respond to KTRK for its story, and so far has not responded to a request for comment since the story ran.  In the past, Novitas has referred requests for comment to HHS.
    Despite initially promising more information about the August contract, HHS/CMS has ignored repeated requests for clarification about the nature of the work and how it relates to the mission of Healthcare.gov.  HHS has not responded to a request for comment about the reports of slow payments to hospitals either.

Note: A version of this article first appeared at The Weekly Standard.