The Obamacare website failed on launch because government officials spent too little time on it, made bad technical decisions, and mismanaged a key contract, a new internal report says.

The “culture” of the agency overseeing Obamacare also got in the way of readying the website, Healthcare.gov, especially poor coordination and a resistance to addressing “bad news,” according to the report by the Office of the Inspector General in the Department of Health and Human Services.

The “poor launch” of the website in October 2013, the report says, occurred despite hundreds of millions of taxpayer dollars being spent on it.

“The development of Healthcare.gov faced a high risk of failure, given the technical complexity required, the fixed deadline, and a high degree of uncertainty about mission, scope, and funding,” the case study found.

The report details the management missteps of the Centers for Medicare and Medicaid Services, the agency within the Department of Health and Human Services in charge of overseeing implementation of the Affordable Care Act, popularly known as Obamacare.

“Today, the Obama administration’s own oversight chiefs confirm what has long been said by Republicans in Congress: The administration’s commitment to launching HealthCare.gov trumped known concerns about its security, integrity and workability,” Sen. Orrin Hatch, R-Utah, said in a prepared statement.

“The result, as we now know, left many to navigate a taxpayer-funded website that was unsecure and plagued with performance problems.”

Hatch and Sen. Chuck Grassley, R-Iowa, chairmen of the Finance and Judiciary committees, respectively, released a joint report in 2014 that found red flags similar to those in the inspector general’s report.  

On Healthcare.gov, individuals can browse health insurance plans, enroll in plans, and apply for federal financial assistance to help cover premiums and other costs. As required under Obamacare, the website helps consumers buy private health insurance if they live in states without online insurance marketplaces.

In a summary, the inspector general’s report specifies “missteps” on Healthcare.gov made by the Department of Health and of Human Services (HHS) and the Centers for Medicare and Medicaid Services (CMS):

Additional HHS and CMS missteps included devoting too much time to developing policy, which left too little time for developing the website; making poor technical decisions; and failing to properly manage its key website development contract. CMS’s organizational structure and culture also hampered progress, including poor coordination between policy and technical work, resistance to communicating and heeding warnings of ‘bad news,’ and reluctance to alter plans in the face of problems.

The Obama administration launched Healthcare.gov on Oct. 1, 2013.

Between July 2011 and July 2013, the report says, the Centers for Medicare and Medicaid Services received 18 “documented warnings” of Healthcare.gov concerns, “all containing substantial detail about the project’s shortcomings and formally submitted to CMS senior leadership or project managers at CMS.”

“There’s been wide agreement that the launch was disastrous. Now we have a report from the top agency’s independent watchdog documenting the many things that went wrong,” Grassley said Tuesday in a prepared statement, adding:

A rush to launch was more important than having a working website. Advice from consultants at taxpayer expense went ignored. Bad news was papered over. The real loser was the taxpayer and the user of a website that didn’t work as promised. The website is part of the bigger problem behind Obamacare. A massive undertaking was rushed through on a partisan basis. The law was badly written and poorly implemented.

The report documents how problems with Healthcare.gov were immediately apparent, as only six consumers were able to submit an application and select a health insurance plan on the first day of open enrollment. It says:

On Oct. 1, 2013, HealthCare.gov experienced 250,000 concurrent users, much greater than the planned capacity. Website outages began within two hours of launch, preventing many consumers from logging in and signing up for health insurance. In reporting to the public, the [U.S. chief technology officer] attributed the problems to high volume, which was five times the number of simultaneous users anticipated. It was soon clear to CMS and contracted operators that the HealthCare.gov issues were not caused solely by a higher number of visitors to the website but also by core problems in website performance.

The report says that on Sept. 24, 2013, just days before the launch, the chief information security officer at the Centers for Medicare and Medicaid Services raised concerns that Healthcare.gov “did not reasonably meet CMS’s security requirements, citing specific concerns about the lack of security testing.”

Teresa Fryer, the chief information security officer, recommended not authorizing the website to operate and advised against launching Oct. 1, but her superiors rolled out the website anyway. Fryer testified before the House Oversight Committee about security risks found after the launch.

“Political factors drove this decision to open the website on Oct. 1,” Brian Blase, a former senior staffer for the House Committee on Oversight and Government Reform, told The Daily Signal.

Blase, now a senior research fellow at George Mason University’s Mercatus Center, was the lead staffer at the time for the Oversight Committee’s investigation of Healthcare.gov’s failure.

“The site was never fully secured and tested,” Blase told The Daily Signal. “The administration made a decision to launch a website that would contain personally identifiable information without adequately security-testing it.” He added:

The Healthcare.gov failure epitomizes government incompetence. The decision, as the oversight committee found, to launch was a political decision made by the top political appointee at CMS, overriding the objection from the chief information security officer that the site had not been adequately tested and should not have launched.

Marilyn Tavenner resigned as director of the Centers for Medicare and Medicaid Services in January 2015.  Kathleen Sebelius resigned as secretary of Health and Human Services in April 2014.

The study from Health and Human Services’ inspector general spans five years, from March 2010 to February 2015. It covered events and factors associated with launch of Healthcare.gov, actions that followed, and implementation of the federal health insurance marketplace through the second enrollment period.

The inspector general interviewed 86 current and former officials, staffers, and contractors involved with the website and reviewed thousands of documents.