Welcome!

SDN Journal Authors: John Walsh, Elizabeth White, Liz McMillan, Sven Olav Lund, Simon Hill

Related Topics: Microservices Expo, Containers Expo Blog, @CloudExpo, Cloud Security, Government Cloud, @DXWorldExpo, SDN Journal

Microservices Expo: Article

Lessons of the Healthcare.gov Fiasco

Contributed by Guest Author Steve Hawald, Executive Partner/Analyst

One of the advantages ZapThink brings to the discussion of Enterprise IT is our global perspective. As we travel the world, we hear the opinions of many people across many countries and industries. From this context we can confirm that most of the planet believes the US government is the laughingstock of the developed world. We finally resolve the shutdown of the government (at least temporarily) over the Affordable Care Act (ACA) only to find that the centerpiece of the ACA rollout - the Healthcare.gov Web site - suffered from severe flaws. Seriously, can't we get anything right?

The embarrassing failure of the ACA Web site is even more ironic considering the federal government's long history of expensive, "big bang" IT projects like the Navy Marine Corps Intranet and the FBI Sentinel case management system that time and again failed in spectacular fashion. We were supposed to have learned some important lessons from such fiascos. In fact, the Obama administration has made substantial progress turning over a new leaf in the rollout of large IT initiatives, focusing on more Agile, Service-Oriented, and Cloud-centric efforts that lower both risks and cost. Why, then, did the Web site at the center of Obama's centerpiece legislation fail so miserably, and how can we avoid such failures in the future?

Placing Healthcare.gov into Context
Compared to other high-profile, complex federal IT programs, the ACA healthcare exchange program may have racked up the most program missteps for leadership and management in today's IT world. On the other hand, other major government consolidation Web sites, such as USAJOBS and USAspending, have had significant IT problems as well. Revelations from key IT sources illustrate how immense the technology architecture and design problems are: missing or bad data, duplicate records, lack of audit controls, insufficient testing, and inadequate Cybersecurity controls, to name a few.

According to Aneesh Chopra, the first US Chief Technology Officer, the site's problems were due to heavy traffic. It was built for 60,000 concurrent users - an estimate based on the Medicare.gov site of 30,000 daily users. However, Healthcare.gov had to support one million simultaneous users out of the gate. Also, the former CTO points to a minor Private Cloud scalability issue and a few additional IT missteps.

And yet, many insurance and technology leaders, analysts, Web developers, and contractors have pointed out serious IT methodology, architecture design and security flaws with the Healthcare.gov Web site as long ago as early 2012. These central IT challenges focus on leadership, management, architecture, cost management, IT workforce issues, and stakeholder decisions and roles.

This IT program appears to have fallen apart due to a number of requirement changes within two weeks of product launch from the administration. Such last minute changes introduce substantial risks into any IT project. All critical production systems should ideally have hard lead times and freeze dates, in conjunction with an iterative, Agile methodology for such changes to be successful. For example, the IRS has a similar IT playbook for new tax laws every year as many commercial firms do.

How to Fix Healthcare.gov
The number of critical technology areas that have been failing and the risk of skipping full operational and Cybersecurity testing and review place this application at high risk. The exchange portal needs an IT rescue or reset, which would involve taking the site down for application overhaul.

It may require as many as 5 million lines of software code to be ripped out and replaced to avoid inaccurate enrollment data and improper payments for services, mitigating further costly recovery. It should also have a full architecture review and be retested for data quality with key stakeholders, security for accessing other federal databases, as well as security for citizen privacy and data protection from hackers for identity fraud and misuse.

Key IT takeaways on this effort for any organization, federal or private, include:

  • Executive teams should be flexible on critical product rollout dates and execute strong leadership using governance for accountability and transparency over requirement changes and risks to avoid program chaos on cost, schedule, Cybersecurity, quality, and usability.
  • Executive leadership must have common product communication messaging on the purpose and value to all levels of the organization, stakeholders, and customers for accepting the product with confidence and trust.
  • EA teams should have crafted an Agile Enterprise Architecture using a Cloud roadmap for driving the business needs today, as well as future requirements for improving customer satisfaction and usability.
  • Executive and IT leadership decisions to insource complex integration architecture must be evaluated with the right team level of skill mix, training and resources, and leadership must be willing to outsource resources for any skill gaps.
  • Procurement teams should use trusted partnerships with core domain, Agile Architecture, and project management (PM) skills as well as corporate or government-wide multiple award contracts with task orders for critical skills by best of breed contractors with key domain experience for Agile software development.
  • Agile IT PM teams should have a standard or tailored software development lifecycle including a prototype phase for proof of concept with field ops for network stress on the architecture and security testing using incremental releases for production.
  • IT PM teams should have leveraged key stakeholder sign-offs, domain tailored best practices, customers/users/advocacy testing groups, or other testing offerings to validate a new product.

Using a Web-based portal solution for a healthcare gateway to existing federal agencies' databases and insurance interfaces for data sets with unpredictable scalability requirements are common IT challenges in today's market that newer technologies, in particular, Cloud Computing, can address. On Healthcare.gov, the key executive strategy teams lacked the technical skills and the proper executive governance framework for oversight on the program's execution effort. A delivery mandate, regardless of the end state of the product and "deliver as is" wording, puts the citizens or other users in a dysfunctional IT service environment, which creates lack of trust and confidence in the healthcare portal going forward.

If we compared this project rollout with any large private sector organization rollout, it would have been shut down immediately to mitigate the unknown costs and risks, the damage to the brand and reputation of the organization, and the leaders who are accountable would have taken appropriate management actions. In fact, it should not have led to a rollout date using a "big bang" deployment in the first place.

The ZapThink Take
The Administration's 2012 OMB policy dictates the use of Agile software modular development using incremental releases to avoid the long delays for customer phase-in for smaller deployments (30 to 180 days), and early use of features and benefits to reduce risk from poor requirements, untested technology, software failures, and cost overruns. However, by all accounts, Healthcare.gov was executed as a waterfall project, an approach that almost always leads to failure - either by insufficiently delivering on requirements or by providing inadequate focus on quality. And sure enough, these are just the problems that Healthcare.gov faced.

Why, then, did the government and its contractors not follow a best practice Agile approach? Fundamentally, Agile requires a rethink of the organizational aspects of planning, delivering, testing, and managing any IT project. The entire effort must be tackled iteratively. Stakeholders should be involved at every step. Testing must take place in every iteration, in order to lessen the testing burden as the initiative approaches delivery.

For larger initiatives like Healthcare.gov, the architecture must be Agile as well - both the software architecture as well as the broader Enterprise Architecture. However, the principles for Agile Architecture are only now being fleshed out, as ZapThink explains in Jason Bloomberg's book, The Agile Architecture Revolution. As the word revolution would indicate, no band-aid fix will magically turn big-bang software fiascos into lightweight, Agile, customer-focused initiatives. Instead, we must entirely rethink how we go about software delivery to meet the IT challenges of the 21st century. There is simply no excuse for high risk waterfall initiatives any more, at the federal government or anywhere else.

Guest Author: Steve Hawald, Executive Partner/Analyst

Prior to founding HAWALD ADVISORY, LLC in 2013, Mr. Hawald was a former Gartner global IT research analyst, US Department of Education / SFA CIO, and United HealthCare HMO Divisional CIO. He was named to Hitachi's Federal Data Systems advisory board in early 2010, and was appointed to Georgetown University's CCPE adjunct faculty for graduate IT certificate programs in 2009. He teaches part-time on weekends at the DC campus with his advisory engagements. He currently attends Virginia Tech University for STS PhD studies in risk challenges and management.

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@CloudExpo Stories
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
"ZeroStack is a startup in Silicon Valley. We're solving a very interesting problem around bringing public cloud convenience with private cloud control for enterprises and mid-size companies," explained Kamesh Pemmaraju, VP of Product Management at ZeroStack, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Infoblox does DNS, DHCP and IP address management for not only enterprise networks but cloud networks as well. Customers are looking for a single platform that can extend not only in their private enterprise environment but private cloud, public cloud, tracking all the IP space and everything that is going on in that environment," explained Steve Salo, Principal Systems Engineer at Infoblox, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventio...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, provided a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to oper...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
Large industrial manufacturing organizations are adopting the agile principles of cloud software companies. The industrial manufacturing development process has not scaled over time. Now that design CAD teams are geographically distributed, centralizing their work is key. With large multi-gigabyte projects, outdated tools have stifled industrial team agility, time-to-market milestones, and impacted P&L stakeholders.
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, discussed how by using ne...
"Cloud Academy is an enterprise training platform for the cloud, specifically public clouds. We offer guided learning experiences on AWS, Azure, Google Cloud and all the surrounding methodologies and technologies that you need to know and your teams need to know in order to leverage the full benefits of the cloud," explained Alex Brower, VP of Marketing at Cloud Academy, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clar...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., introduced you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He explored applications in several industries and discussed technologies that allow the deployment of advanced visualization solutions to the cloud.
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
Vulnerability management is vital for large companies that need to secure containers across thousands of hosts, but many struggle to understand how exposed they are when they discover a new high security vulnerability. In his session at 21st Cloud Expo, John Morello, CTO of Twistlock, addressed this pressing concern by introducing the concept of the “Vulnerability Risk Tree API,” which brings all the data together in a simple REST endpoint, allowing companies to easily grasp the severity of the ...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
"NetApp is known as a data management leader but we do a lot more than just data management on-prem with the data centers of our customers. We're also big in the hybrid cloud," explained Wes Talbert, Principal Architect at NetApp, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"We're focused on how to get some of the attributes that you would expect from an Amazon, Azure, Google, and doing that on-prem. We believe today that you can actually get those types of things done with certain architectures available in the market today," explained Steve Conner, VP of Sales at Cloudistics, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.