This post is to log information about my experience trying to use the federal HealthCare.gov website which serves as Utah's health insurance exchange site.
Note: I do not need to use the marketplace at this time, as my family has insurance benefits through both my and my wife's employers. I did want to learn for myself exactly what the experience is like. Are all the complaints legitimate, or is it being exaggerated by the opposition to the ACA? I intend to find out for myself.
First time trying to use the website: 8pm hour of 11 Oct, the 11th day that the exchanges have (allegedly) been open for business.
Right off the bat I have a personal (though not technical) problem: I can't research the available policies without creating an account. Hopefully creating an account (which I'll do with legitimate information) will not come back to bite me in the posterior later.
First they want personal information, including your first and last name (optionally a middle name and suffix), the state you live in, and your email address to be entered twice for verification purposes to make sure you type it in correctly. Nothing too horrible here. Oh, a check box asking if I want to have news and updates sent to this email address. No thank you!
Next they ask for a Username: "The username is case sensitive. Choose a username that is 6-74 characters long and must contain a lowercase or capital letter, a number, or one of these symbols _.@/-" This confuses me because early they say it "must contain" then at the end they say "or". Additionally it is just poorly written, as are many other fragments of text on the site. Sure, my writing isn't perfect, though I think I would have done a better job than they did whether or not I was paid over $600 million. Does this mean the username must include both upper and lower case letters, or is one or the other acceptable? Must it include a number or a symbol, or must it include both? Given the options, I'm not sure which of the 16 or so possibilities are valid.
I try a mixed case username (only letters, both upper and lower case) and am told "Important: This is not a valid username". The same username with only lower or upper case letters reports the same error.
Based on the characters available it appears to allow an email address to be used as a username. That gets me a different error message: "This is not a valid user name". The interesting part of this to me is it's a slightly different error message. It omits the "Important: " prefix and inserts a space in "username" that they haven't used previously. Why is the first one important but the second one is not? Rather than using the same error message in both places, they're using different phrases for each message. This presents two problems: one, it makes the communication between the servers and the browsers somewhat slower (depending on how many needlessly duplicated messages are present); two, if they translate the English text into other languages (which I'm sure they will if they haven't already), it takes that much longer to keep the various languages synchronized any time a change is made. An email address is not accepted no matter what case letters are used, even though the email address includes two symbols from their approved list.
I next go back to my original username but try appending my birth year. This time it works, with or without upper case letters. So the rule they should have specified (given how the website works) is "The username is case sensitive. Choose a username that is 6-74 characters long. It must include both letters (upper or lower case) and numbers. You may optionally include any of the symbols _.@/-".
A better option would have been to use an email address as the username. It is already associated with you, it is globally unique, and it would cut down on the confusing rules. It's worked pretty well for Facebook (and numerous other sites) so far. Even if they don't use that, I don't understand why the crazy rules on which characters must be included in the username. The minimum length restriction is understandable, but otherwise the rules seem more like something one would use to generate a secure password than a username. And why allow a 74 character username? Since I can, I will: 74 character username achievement unlocked.
Next it wants a password (typed in twice for verification purposes). The rules are: "Your password must contain 8-20 characters. There must be at least 1 upper case letter, 1 lower case letter, and 1 number. It must be different from your last 6 passwords. It can't contain your username or any of these characters = ?<> ( ) ‘ " / \ &". The length requirements aren't that unusual. Not allowing symbols is unusual, but I spent enough time trying to figure out the username field. I quickly choose a memorable (to me) long password and click next.
Three security questions: "The answers to your security questions must contain letters or numbers and can't be longer than 30 characters. The following special characters are allowed, as long as they follow a letter or number. This means that your answers can't start with one of these characters, apostrophe ('), hyphen (-), spaces, period (.)." Yet another confusing ambiguous prompt with yet another maximum field length, though no minimum is specified. A completely different set of special characters (called symbols previously). And unlike in past prompts, they actually spell out the name of each symbol before showing you the symbol.
It is feeling to me as though a different person was responsible for writing each sentence on each page and was not allowed to communicate with their co-workers to make things fit together logically.
I pick three unique questions (which is mandatory as they remove questions you've already used from the list of later questions, which makes sense). I provide unique answers to each question. I click the create account button and am greeted by a page that says:
Create a Marketplace Account
Important: Your account couldnt be created at this time.
Please note that two or more answers to the security questions cannot be the same. You must provide distinct answers to the chosen security questions.
Please wait a few moments and try again.
Note the word "couldnt" above. I did not make that typo. They left out the apostrophe themselves. I understand typos, I make them all the time. Maybe for $600 million they could have proofread the text on the pages? I understand writing large websites that can scale to literally millions of users is not an easy task, but there are things here that could have been handled by using a tiny fraction of the money spent on a competent editor familiar with the English language. This makes me wonder what the translations to other languages (if they exist) look like.
The only navigation button available on this "Sign Up - Step 3" page says "RETURN TO CREATE ACCOUNT PAGE".
I'm so happy we have Obamacare! At this point not only can I not look at the health insurance options that would be available for my family if we needed it, I can't even create an account.
The only bright spot that I can find in this is it doesn't take long to fail to create an account. It took me a bit longer because I was writing this post, but if I was focusing exclusively on account creation I could have been in and out of the website in just a couple of minutes or so. It would have still been a waste of my time, but a relatively minor one.
I go ahead and go back to the beginning and try more realistic information. This time it sends me an email! Just click the link and I'll be one step closer to having health insurance. I half expected to not receive an email, but I did, quite promptly in fact. Maybe things are looking up!
No, that would be too easy: "Oops. The Marketplace could not verify your email. Try to verify your account again in a few minutes. If you've already verified your email address, you can log in here." It sounds whimsical, doesn't it? "Oops!" I'm surprised they didn't include a picture of Twitter's "fail whale". I'm not normally a huge stickler for formal language. I wouldn't normally mind "oops" in what is supposed to be professional business text. Right now it's grating on me though based on all the other confusing and / or unprofessional things I've seen this evening.
I try email verification again several minutes later but no luck. Now the site has stalled: not only is it not sending me a webpage, it isn't even accepting the connection from my browser. This is a freakin' comedy of errors! After several minutes it finally sends a reply: "Internal Server Error - Read - The server encountered an internal error or misconfiguration and was unable to complete your request. Reference #x.xxxxxxxx.xxxxxxxxxx.xxxxxxx". What a horrible useless error message. Hopefully it's just due to so many people hammering the site, but given everything else I've seen, a misconfiguration would not surprise me at all. No way for me to tell. I try calling to see if they can tell me anything based on the reference number I exed out above. Get put in a queue for the next available agent, expecting a long wait. Amazingly enough, I get through quickly. That's where my luck ends though. The agent I talked to (whistling into his headset while I'm explaining what happened) informs me that he could normally help me, but their system is down too, as they use the exact same system that we use. I really feel sorry for the phone reps who've probably been taking quite a beating for the past 11 days. So not only can we not verify accounts, if the website goes down, the phone reps can't really do much to help you either because they use the same website!
I've read reports that the underlying source code used by the webpages sent to the browser is horrid. I just tried to view the source to one of the webpages but of course I can't connect to the website to do anything, much less view it's internal coding. Based on the quality of craftsmanship that went into the text on the pages, I don't think the programming will be any better, though I can't prove that at this time.
If I feel like trying more again later I'll post an update.
A moment to be fair: The fact that the website does not work does not have to mean the ACA is a total failure. I realize that. The politicians that supported it aren't directly responsible for whatever web application development team that put together this monstrosity. That being said, surely at least one single member of the Obama administration, knowing that there are very high levels of dissatisfaction with the law in the public and opponents in Congress, might have thought to check it out periodically in advance to ensure it worked, if not perfectly, at least well enough. I think it just goes to show that many or most people in the Obama administration have no practical business experience. They think that ideals and wishes are enough to get things done. Welcome to the real world.
Go Top