From CBS News:
…released an Obama administration memo that shows four days before the launch, the government took an unusual step. It granted itself a waiver to launch the website with “a level of uncertainty … deemed as a high (security) risk.”
“We received a phone call from a gentleman named Justin in North Carolina who informed me that he had gone on the healthcare.gov website and when he logged in under his log in and password, he received a document of all of my and my wife’s personal information,” Dougall said.
Curiouser and curiouser. If a dental office did this it would be a clear HIPAA, HITECH violation, a big fine and possibly a law suit.