The big difference between the failure of HealthCare.gov and all other federal IT development failures is this: Establishment of the site was inseparable from the law underlying it. There is no manual healthcare plan exchange. By contrast, failure to automate VA disability case processing or Office of Personnel Management retirement annuity calculations didn’t stop those activities the automation was supposed to support. They existed long before attempts to automate them. The fallback therefore consisted of using the existing process, maybe adding people in a surge to clear backlogs. That option doesn’t exist for HealthCare.gov. But, as we’ve seen with the almost inane, and probably illegal, on-the-fly rewrites of the ACA’s requirements and deadlines, the online exchanges have no real fallback possibility. In all other respects, HealthCare.gov was like other failed systems, the result of boiling a toxic stew of poorly defined requirements, the wrong contractor, insufficient oversight and unclear lines of authority. Moreover, HealthCare.gov was what used to be called, disparagingly, a “grand design.” The antitheses of agile, spiral development, HealthCare.gov is the result of planners trying to spawn a nearly impossibly complicated system all at once. That approach has never worked and it never will. There’s nothing in the Federal Acquisition Regulation that caused this system failure. That is, it wasn’t a procurement failure, as I’ve written before. And there’s nothing in, say, the proposed Federal Information Technology Acquisition Reform Act that would necessarily prevent it. Thinking, sound management, following the rules already there — that is how these things can be kept from happening. In short, a big and depressing disappointment, all the more so because of the presence of so many celebrated techies in the administration that seem to have been oblivious to what was going on at the Centers for Medicare and Medicaid Services. Now comes word that the administration wants to fast-track the hiring of more technical talent into government ranks. That may sound good, but it won’t solve the problems exhibited by HealthCare.gov — lack of project management skill, requirements control, and clear lines of authority. When those things are in place it doesn’t matter whether the coding talent is in-house or contracted. I say all of this as prelude to what I hope will come ahead in 2014 for federal IT. And hoping the lessons learned will be the correct ones. Because there’s no doubt that HealthCare.gov was the biggest federal IT story of 2013. It is the Obama administration’s Hurricane Katrina. Lots of published lists of technology predictions have already hit. Many analysts think Google Glass will be a big deal. I have a personal vow never to have a conversation or any other engagement with anyone wearing them. Anyway, I think they’ll end up being the Nehru jacket of technology — a few nerds will sport them for a while. Others are hoping for flexible smart phones. Forgiving him the Google Glass reference, I think Bob Gourley’s tech product trends as published in Federal Times is otherwise a pretty good list. Here’s what I’m hoping to see more of in the government IT market in the coming year. I warn you, no glamour or drama.
Rational cybersecurity. If HealthCare.gov was the biggest story, the next biggest, or maybe bigger, story was the Edward Snowden drama. Savior of freedom or traitor, he certainly was the ultimate insider-threat-turned-real. A group of Chinese government IT people I spoke to recently pointedly asked what changes in procedures had been instituted since Snowden. The episode brings together the need for continuous monitoring, ID management and specific procedures to prevent anyone from mass downloadings, even if it’s the Director of National Security.
Get mobility right. Let go of the BYOD idea. It only works in the public sector if a narrow set of devices is allowed and the agency has access to and control of the devices. Might as well be government-furnished. And let go of the notion that the “desktop” PC is dead. Pick the right device for the right situation. The hard part is software. Making applications mobile and fixed, and managing the licenses are the two hardest tasks.
Rightsize infrastructure. Really and actually find ways to boost interagency services sharing so the net spending on data center elements at least stops growing. Data center consolidation efforts have been going on for 20 years. It’s time to get serious about it.
Become a model for the post-password world. Time’s up. Everybody out of the password pool and go join ID management of the 21st century.
Become the Dominique Dawes of development. Agile, that is. Postulate every development project as if it was the final vault in the ’84 Olympics. Nail it then smile. It’s more than a matter of using this development library or that project management scheme. It’s a whole approach that starts with thinking and visualizing the end — then being the toughest S.O.B. there is when it comes to testing and requirements.
Tom Temin is host of The Federal Drive, which airs 6-10 a.m. on Federal News Radio (1500AM). This post was originally written for his personal blog, Temin on Tech.