An internal memo dated September 27th warned that insufficient testing of Healthcare.gov could create a security risk.
The memo was directed to Medicare chief Marylin Tavenner. It warned that one of the site contractors could not test site security because the complete system was not working. The memo stated the failure to test adequately “exposed a level of uncertainty that can be deemed as a high risk.”
The fallback plan outlined in the memo was to set up a “security team” which would continue testing for several months after the site had gone live.