November 17, 2013

Jack Kelly Sunday

Well, it's been 10 days since I posted this.  That was the blog post where I pointed out how the CBS Benghazi "story" that the P-G's Jack Kelly built his entire column on had been retracted by CBS.

When will the column be retracted by Jack Kelly?  I asked but to no avail, it seems.  So far, it's still up - and with no correction or anything to indicate an update to reflect the reality of the situation - that CBS retracted the 60 Minutes Benghazi story.

So what does the Post-Gazette's Jack Kelly do today?

Opens up with another debunked CBS "news" story:
The personal information you give to Healthcare.gov “is protected by stringent security standards,” said White House Press Secretary Jay Carney.

Not so.

“Software experts tell CBS News they have identified multiple security issues,” Jan Crawford reported Nov. 5. “We gave one technology expert the real HealthCare.gov user name of a CBS employee. Within seconds, he identified the specific security question she selected to reset her password.”

“Four days before the launch the government … granted itself a waiver to launch the website,” said CBS investigative reporter Sharyl Attkisson. “The final required top-to-bottom security tests never got done.”

The top operations officer for the Obamacare websites told the House Oversight Committee that he was never given a Sept. 3 memo that detailed six security problems which pose “limitless” risk.
This is the CBS report to which the intrepid Jack is referring.  That last paragraph, however, refers a subsequent CBS report by Attkisson - and that's where the whole thing falls apart.

The public debunking happened in public at a Congressional hearing four days ago on November 13:


Here's my transcript of the discussion between Representative Gerald Connolly and Henry Chao (the top operations officer for the Obamacare websites, Kelly's referring to) and starting at about 1:44 in we hear:
CONNOLLY: Mr. Chao, during your interview with committee staff on November 1, you were presented with a document you had not seen before. And it was entitled "Authority to Operate," signed by your boss on September 3, 2013, is that correct?

CHAO: Correct.

CONNOLLY: The Republican staffers told you during that interview that this document indicated there were two open high-risk findings in the federally facilitated marketplace launched October 1. Is that correct?

CHAO: Correct.

CONNOLLY: This surprised you at the time.

CHAO: Can I just qualify that a bit? It was dated September 3 and it was referring to two parts of the system that were already--

CONNOLLY: You are jumping ahead of me. We are going to get there. So when you were asked questions about that document, you told the staffers you needed to check with officials at CMS who oversee security testing to understand the context, is that correct?

CHAO: Correct.

CONNOLLY: The staffers continued to ask you questions, nonetheless, and then they - or somebody - leaked parts of your transcript to CBS Evening News, is that correct?

CHAO: Seems that way.

CONNOLLY: Mmm. Since that interview, have you had a chance to follow up on your suggestion to check with CMS officials on the context?

CHAO: I have had some discussions about, uh, the nature of the high findings that were in the document.

CONNOLLY: Right. And this document it turns out, discusses only the risks associated with two modules, one for dental plans and one for the qualified health plans, is that correct?

CHAO: Yes.

CONNOLLY: And neither of those modules is active right now, is that correct?

CHAO: That's correct.

CONNOLLY: So the September 3 document did in fact, not apply to the entire federally facilitated marketplace despite the assertions of the leak to CBS notwithstanding, is that correct?

CHAO: That's correct.

CONNOLLY: And these modules allow insurance companies to submit their dental and health plan information to the marketplace is that correct?

CHAO: Correct.

CONNOLLY: That means that those modules do not contain or transmit any personally identifiable information on individual consumers, is that correct?

CHAO: Correct.

CONNOLLY: So to be clear, these modules don't transmit any specific user information, is that correct?

CHAO: Correct.

CONNOLLY: So when CBS Evening News ran its report based on a leak, presumably from the majority staff, but we don't know, of a partial transcript, expert- excerpts from a partial transcript, they said the security issues raised in the document, and I quote, "could lead to identity theft among buying insurance," that cannot be true based on what we just established in our back and forth, is that correct?

CHAO: That's correct. I think there was some rearrangement of the words that I used during the testimony in how it was portrayed and-.

CONNOLLY: So to just summarize, correct me if I'm wrong, the document leaked to CBS Evening News didn't in fact not relate to parts of the website that were active on October 1. They did not relate to any part of the system that handles personal consumer information, and there, in fact, was no possibility of identity theft, despite the leak.

CHAO: Correct.

CONNOLLY: Thank you, Mr. Chao. I yield back. [Emphases added.]
Seeing that Jack has yet to correct the record of his flawed CBS sourced Benghazi column, I don't have much faith that he'll be correcting the record of this flawed CBS sourced Affordable Health Care security risk column anytime soon.


No comments: