Oregon Health Insurance Exchange Failure: Blame Runs Deep
Postmortem report confirms diagnosis of weak project oversight, unrealistic goals, and poor performance by Oracle.
launch of the website on Oct. 1 would be incomplete, serving only insurance agents and other intermediaries. Even then, they characterized it as a "staged rollout" of a project that was essentially still on track.
One of the key errors identified in the First Data report was a decision Lawson made, and Goldberg approved, not to hire a system integrator. That decision left state employees with the responsibility for making sure all the components of the project would come together correctly. So, although the report does lay some blame on Oracle, it also notes that Oracle was never in the role of system integrator -- only as a provider of software and consulting manpower, billed on a time-and-materials basis rather than with payment tied to concrete deliverables.
"This departs from best practices and put the state in the position of having to pay for work that did not always result in the anticipated deliverables or that required more hours (and higher cost) than planned," the report noted. "It also created an environment where there were no consequences for missing deadlines and no financial incentive for being realistic about delivery dates."
The state selected Oracle technology based on assurances that it could meet 95% of the state's requirements, meaning that only 5% customization would be required. But a May 2013 assessment of how the project was shaping up characterized it as requiring more like 40% custom coding.
First Data asked to interview six members of the Oracle project team, none of whom were made available to investigators. Oracle instead provided an interview with chief corporate architect Edward Screven (accompanied by an attorney), even though Screven was not actively involved in the project until November.
First Data's summary of that meeting does include a defense of Oracle's role in the project, which Screven said suffered from:
The lack of well defined, stable requirements
The lack of discipline in the change-control process (too many undocumented, ad hoc changes)
The absence of a system integrator, which Oracle said was unprecedented for a project this complex
The lack of timely test cases, some of which were not provided until mid-October 2013, according to Oracle
However, First Data found that Oracle was one of the parties continually offering assurances, while the project was underway, that the work would be completed on time.
Kitzhaber said the next step is for the state to figure out whether to repair the online exchange or replace it, either by moving to the federal HealthCare.gov exchange or adopting software developed by one of the other states with a more successful exchange. Asked if it was possible the state would scrap all the work Oracle has done to date, he said, "it's a possibility" and reiterated that the state was keeping open "all its legal options" to recover money paid to Oracle or withhold funds it says it is owed.
Despite the lack of an online signup process, Kitzhaber said the state had signed up more than 287,000 people on paper and through other workarounds. "It's important to remember that the website is a means to an end, not an end in and of itself," he said. "Our enrollment figures stand out even among other states that have fully functional websites. The value of our success in this regard should not be overlooked, even as we work to fix what went wrong."
Download Healthcare IT in the Obamacare Era, the InformationWeek Healthcare digital issue on the impact of new laws and regulations. Modern technology created the opportunity to restructure the healthcare industry around accountable care organizations, but IT priorities are also being driven by the shift.
David F. Carr oversees InformationWeek's coverage of government and healthcare IT. He previously led coverage of social business and education technologies and continues to contribute in those areas. He is the editor of Social Collaboration for Dummies (Wiley, Oct. 2013) and ... View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.