It's likely that security testing was faked, overlooked or ignored for Healthcare.gov, just like functional testing. Don't let this happen on your watch.
Ultimate Lesson from Healthcare.gov: Take Incremental Approach
It's early in the Healthcare.gov lifecycle. We know the project's failure was systemic multiple failures on multiple levels but we don't know exactly what did happen. Identifying all the issues might make for a good book someday, but it's far too much for one article.
Putting together the six lessons here, though, and you'll see a pattern: Healthcare.gov was a single, Big Bang rollout that couldn't be stopped.
At this early stage, if you can take only one thing from Healthcare.gov, it's this: Use incremental approaches such as betas, early testing and regular delivery of a completely tested system, in tandem with flexible scope to find risk before it finds you.
The saddest part about the Healthcare.gov failure isn't that is so massive. The saddest part is that the failure was both predictable and greatly preventable.
Sign up for CIO Asia eNewsletters.