A month ago, the United States was alarmed and alerted of what happens when a website is not thoroughly audited, tested on all platforms, and checked for traffic and security issues. When healthcare.gov launched, the site developers failed miserably on sufficient testing before launch. Healthcare.gov is the home of Obamacare, where millions of Americans are expected to enter personal information to then enroll in a health insurance option. With so many people’s personal information on the site, one would think the security plans would be checked over time and time again. However, this was not the case. A CBS exclusive news report exposes, “A deadline for final security plans was delayed three times over the summer, and final top-to-bottom security tests were never finished before the launch.”
Unfortunately, healthcare.gov is a perfect example of the exact opposite of what needs to happen when launching a site. The site’s server capacity should have been prepared for an influx of traffic on a first day of launch, especially when dealing with millions of citizens across the US who are already frustrated with their health care options. This was supposed to be ease and effortless for these people; instead, users were getting messages like, “please try again later,” and “please wait,” when visiting the site.
Already a security incident has been filed; a man registered with healthcare.gov and received another person’s eligibility letters, which included their name and address. A spokeswoman for the Department of Health and Human Services replied, “An incident involving the personal information of one consumer was reported…and we took immediate steps. We identified a piece of software code that needed to be fixed and that fix is now in place.” Very shocking that a site with this level of importance and privacy would even come close to a launch date without being 100 percent secure. A thorough risk assessment should shave been completed at least 60-90 days prior to launch.
The most obvious failure of the healthcare.gov launch was the lack of a pre-launch test of the site. It is a must to navigate the site like a user before launch – take note of glitches, confusing navigation, and slow loading pages. Even now, a month later, the site owners have yet to fix all of the faults; the site is taken offline every night from 1 AM to 5 AM for repairs.
At WebSight Design, each of our sites is comprehensively audited weeks before launch. All details of the site are tested including forms, navigation, and internal and external links. We provide enterprise-ready PHP applications with a high level of reliability, performance, and security. WSD also offers a full range of dedicated and virtual server hosting solutions with a server support team with over 25 years of combined experience; we know how to effectively prepare the site to withhold the the influx of traffic on a launch date and throughout time. Our number one suggestion? Find a trusted source for website design and development for a smooth site launch and continual security.