The launch of HealthCare.gov — the federal health insurance exchange website mandated by the Patient Protection and Affordable Care Act — went live Oct. 1. So many problems plagued the site that it prompted Congress to hold hearings about it in late October, with House GOP members demanding answers from involved parties that ranged from site contractors to Department of Health and Human Services Secretary Kathleen Sebelius.

Experts outlined many of these issues in the September Benefits Selling cover story “System Failure,” which predicted the project’s scheduling challenges, necessary system interfaces and user experiences could lead to problems. But the scope of them went far beyond the site’s inability to process complex individual applications, as evidenced by the software crashes that rendered HealthCare.gov inaccessible to users.

Not only that, but enrollment numbers recently released by HHS fell short of expectations. Nearly 27,000 people signed up for private health insurance thoruhg HealthCare.gov one month into enrollment.

So what went wrong? What, if anything, went right? And what’s being done to resolve these issues?

Problem areas

The most obvious issue was the website’s inability to manage a heavy use load: On the first day of the launch, it crashed due to the sheer number of potential plan enrollees hoping to register and shop online. Although the situation has improved, it didn’t instill faith in consumers or legislators that the site was ready to process the seven million applications the administration expects to log on before the end of March.

Last-minute software changes emerged as another pain point. For example, when the site first launched, users were required to register for an account before they could start shopping for plans — a design issue consumers found frustrating and experts said was antiquated.

“Anybody who has any type of website or ecommerce experience or understands anything about user experience knows that’s a big mistake,” says Andrew Carricarte, chief executive officer of IOS Health Systems, in Miami. “And I think the decision was made by somebody from the outside with no knowledge of how the technical aspects work — particularly that late in the cycle and that late in testing.”

The site’s decision-makers have since changed course, allowing consumers to browse what’s available before registering.

Read: A walkthrough of HealthCare.gov

“That being said,” Carricarte adds, “that should not have led to the performance issues they experienced, even if you had everybody registering for an account. When they use these big numbers — 700,000 people visiting the site to purchase health insurance — to most people, it sounds like a big number, but it’s really not a high number in respects to most websites. When you look at companies like Amazon, Google or Facebook, which are in the billions. By comparison, it’s an extremely small number.”

The site’s ability to interface with other websites, including government sites such as the Internal Revenue Service or the Department of Veterans Affairs, probably made things worse, experts say.

“When you sit down and decide what the requirements are that this system has to do, somebody has to start mapping out the interfaces,” says John Sarich, vice president of strategy at VUE Software, in Omaha, Neb.

“Those systems weren’t designed and structured so hundreds and thousands of people can access them. You’re going to go to other systems from other government agencies to get and validate more information. So consequently, you have to interface to those systems. And those systems are old. Tapping into those systems was never intended to be this extensive, so consequently, they created bottlenecks, and they should have seen that very early on.”

Health care information technology attorney Tatiana Melnik says corrupt data is another issue that’s been reported already — and likely to get worse.

“The insurance carriers are receiving bad data,” she says. “There isn’t any specific information about how many applications have gone through to insurance providers, but from the reports I’ve seen, the ones that have gone through have had some problems in the classification of dependents and things of that nature. This is a real costly issue — and this is why the IT issues are so problematic, because many companies are relying on the data being correct.”

And with more than 50 different vendors working on different areas of the site, it was almost inevitable glitches would appear.

“You’ve got various disparate or siloed platforms — a federal data hub, Medicaid systems,” notes Michael Weiskirch, human relations and benefits technology consultant at HNI, in New Berlin, Wis. “It’s a hodgepodge of platforms as well as consultants and vendors working on this thing that’s supposed to come together, and it got really rushed. There’s an issue of lack of alignment not only from a project management standpoint, but also from a systems standpoint.”

Although information security hasn’t been an issue yet, experts say, it’s likely to become one as more consumers flock to HealthCare.gov to seek out insurance.

“I suspect that in the next three or four months, there’s going to be some type of security breach or issue with that website,” Carricarte says. “If they were that lax with what they needed to accomplish with basic testing and performance, one can only assume that there is some laxness and oversight with the security protocols, especially given all of the new changes they are trying to implement in a short period of time. It’s a high-profile target and this should have been their first priority.”

Testing

The biggest thing the government could have done to prevent these problems, experts say, is allot more time for testing.

“There are very extensive test criteria,” Sarich explains. “You come up with hundreds and hundreds of scenarios of somebody who’s accessing the system — maybe they forget something and their login times out, or they forgot their password. All the different cases you can get, you’ve got to test for them from the ground up.”

Aaron Mulder, an IT expert for Chariot Solutions in Philadelphia, says load tests would have helped site creators pinpoint problem areas before the site launch, which could have prevented the system crashes.

“We have to take it for granted that there are going to be hundreds of thousands of people trying to use this site,” he notes. “When we put the load on the system and see which part is breaking down, then we can put a fix in. And a combination of testing is what’s called for — you want to make the site more user-friendly and fix the underlying problems that make everything available and bring it up to speed.”

“There simply wasn’t enough time to adequately test these systems,” says Dan Schuyler, a director at Leavitt Partners who helps guide the firm’s exchange practice. “And as a result, we’re going to have problems like we’ve been seeing.

“I think the pieces are in place that need to be in place,” he adds, “However, because all the connections weren’t thoroughly tested, we’re seeing the problems we’re having.”

Data corruption

“There have been errors with the applications going to the carriers,” Schuyler says. “That’s another area that needs to be addressed and resolved quickly. Those applications, when submitted in large volumes, have to be 100 percent error-free because the carriers don’t have the time or resources to go through the applications one at a time to resolve those errors.”

Carricarte agrees, “If you get an incomplete application received by an insurer, it’s incomplete. Any errors on that application, and they can’t assume the risk. They’ll either deny it or send it back as incomplete. No one has said much about the data integiry issues, which I believe will become a much larger problem as the initiative continues.”

And these data issues are costly, wasting time and money across the spectrum.

“The escalating costs aren’t just for project-specific costs, they’re all down the line,” Melnik says. “The insurance company has to undertake additional steps checking and correcting data; and the consumer may need to go back and fill out the application again; and everyone is spending all this time doing duplicate work.”

There’s also the question of industry standards — carriers haven’t had to align their application process, and as Mulder notes, the data fields must be able to handle multiple possibilities.

“It could be you lost your job, added new children to your family, or you want continue your plan,” he explains. “There are 20 ways to convey the same piece of information. The result is that you really need to work back and forth with some realistic requests and see what happens.”

Security

Although there haven’t been security breaches yet, those familiar with health care data say it’s only a matter of time before the specter becomes a reality. And another problem that should have been anticipated, experts say, is the proliferation of unofficial health care exchange websites that show up in search engines and entice unwitting consumers to enter their personal information.

“If you type ‘health insurance exchange’ into a search engine, there’s a whole series of websites that pop up that appear to be exchanges, and it’s very confusing,” Carricarte says.

Dr. Deane Waldman, a board member of the New Mexico state exchange, says security is a key worry — and one New Mexico was more prepared for than the federal government.

“We spent a lot of time preparing for the scams we knew were coming down the pipe,” he says. “Part of our advertising campaign is to make sure that people in our state are talking to the right people and not giving their information to the wrong people.”

Systemic problems

Schuyler sees another big systemic problem that’s hopefully been resolved.

“I think the other issue, which was startling, is that CMS was the general contractor, the foreman for this massive IT project, and that’s something that they should have contracted out for,” he explains. “They don’t have the knowledge or resources to be able to manage a project of this size and magnitude; that they’ve decided to put a contractor in this position is reassuring. They chose a vendor who’s already working on HealthCare.gov instead of finding another vendor, and considering the timeframe, that makes sense.”

Weiskirch believes that instead of setting up exchanges through the federal government, the administration should have pushed for legislation that expanded current programs for wider use.

“The whole concept of the exchanges was overengineered and poorly designed,” he argues. “We have existing infrastructure — Medicaid, COBRA and other things — that they could have changed or modified to handle the uninsured, and then legislated some of the other things like dependent children and pre-existing conditions. You didn’t need to build this elaborate system.”

And the website itself could lead to a big systemic problem: not attracting enough of the young, healthy Americans desperately needed to help fund expanded insurance for sick Americans.

“You’re having an adverse selection situation simply because the people who are less healthy have a greater appetite and tolerance to move through the process,” Weiskirch says. “If you’re 22 years old, just out of college and not eligible for subsidies, the individual mandate penalty is really not motivating you to apply. To make matters worse, you’re reading the news that HealthCare.gov isn’t working. So you’re going to delay registering as long as possible, and those are the people who need to be in the system so we can spread the risk.”

Silver linings

With all the problems, it’s difficult to see what went well with the exchange rollout — but there are some silver linings. “The user interface and the visual, graphical interface is easy,” Carricarte says. “It’s something that’s simple for most people to understand. They followed a lot of the neo web 2.0 look and feel to try to attract the younger insured.”

Melnik adds that the promotion of the website was done well, as evidenced by its popularity.

“Clearly they had enough interest because people were trying to register, so their marketing efforts paid off,” she says. “There’s a huge interest in getting insurance.”

And the site is relatively easy to use, too.

“It gives you the information you’re looking for,” Mulder says. “You can put in your family size and say you want coverage for everybody, and it’ll tell you which providers are in your area, which plans they have. It looks nice, and it’s not like it’s impossible to find the basics.”

Next steps

Sumit Nijhawan, chief executive officer of software company Infogix, in Naperville, Ill., notes that controls could be put into place to streamline the data.

“If someone is hitting the submit button twice, resulting in a duplicate enrollment, a control upfront would catch those duplicates, but it appears they haven’t built enough upfront controls,” he says. “So whether it’s duplicates, incomplete data, incorrect data, it’s up to the health plans to catch those issues. And they can, but they have to go back to the marketplace team to correct the issues. And all that takes time, which means even though the enrollments have been initiated, they haven’t necessarily been completed. If the checks and balances were in place to ensure data integrity upfront, things would go smoother.”

Nijhawan adds that continuous monitoring of the data is vital to ensure that the information health plans are receiving is complete and correct.

“Putting the controls in place in an end-to-end way so the handoffs are being looked at from all sides, depending on how many trading partners are involved, would mean that at any given time, one can prevent the issue as soon as possible to prevent delays and give the members an idea of where the application is.

“It’s very doable,” he adds. “We just have to take the right steps. As the volume picks up and there are more issues, there are only so many ways to catch issues manually, and it’s going to become unsustainable and the enrollment issues will lead to other issues — payment-related issues, reconciling payment and subsidies — and in January, it will lead to claims issues.”

“They’ve got to step back and start looking at what’s important to be able to do today in order to get people enrolled and what can they phase in over the next year or so,” Sarich says.

Carricarte thinks delaying some of the 2014 deadlines is going to be necessary, given the site’s glitches.

“They’re going to have to postpone and delay, certainly the penalties and perhaps some of the policies,” he says.

And regular behind-the-scenes updates and enhancements also should be implemented to help maintain the site.

“Only deploy what you can get out the door,” Mulder suggests, “and then update it a week later or a day later.”

Also read: A walkthrough of HealthCare.gov