A lot has been written about this in the media and I'm not going to attempt to address every angle in this answer. I just want to focus on one key point that I think is important, and of wider relevance:
I think a key point about the contractors that worked on this site is this: they faced a perverse incentive.
The company CGI Federal, responsible for some of the backend services used by Healthcare.gov, was brought on in a "rolling contract" with the Department, a contract which was very vague, and not specific to Healthcare.gov - essentially just "do whatever IT work we need from you". Therefore, it has been argued that they essentially "won the work on a no-bid basis". The key point, though, is that by screwing up and releasing a system with lots of bugs, they guaranteed themselves an increase in billable hours, revenue, and - presumably - profits.
This is a totally perverse incentive!
I am not claiming that they actively intended to follow this strategy. I have no way of knowing that. But that, faced with no financial risk (only possible reputational risk), minds at the contractors may not have been sufficiently focused prior to October 1.
Now, one might immediately ask the question "But isn't reputational risk a very significant risk for government contractors? Because they might not get another contract if they are seen to be incompetent?"
The answer to those questions are extremely interesting, and empirically, they seem to be, respectively, No, and No (at least for the large contractors that tend to get the lion's share of government contracts such as this).
Why is this? Well, I'm not as well-informed about US government contracting, but in the UK at least, the UK government has actually claimed, apparently seriously, that it is obliged by European Union law to pick the lowest qualifying bidder, and that it would be illegal to take into account evidence of performance on previous contracts! However, perhaps recognising that this is a stupid state of affairs, the European Union is now proposing to explicitly allow past performance to be taken into account when selecting a bidder for a contract, from 2014.
Interestingly, another large healthcare IT project with multiple contractors, the National Programme for IT in the United Kingdom, attempted to use contractual "risk sharing" to reduce such perverse incentives, whereby the contractors would face significant costs if they were deemed to have "failed". (Because UK government contracts are routinely kept secret, for reasons, the government claims, of commercial confidentiality, i.e. to protect the commercial interests of the contractors, we are unlikely to ever know the detailed terms of this arrangement, such as who was responsible for deciding whether it was the contractor's "fault", and on what basis). However, two surprising things happened during the course of this hugely expensive, hugely overbudget, over-timescale and ultimately partially-failed project:
- The software development contractors failed to develop the software satisfactorily, regardless of the risk-sharing. They appeared to be overconfident and extremely poor at delivering. (Although, they actually re-outsourced the work to subcontractors, so they weren't actually delivering anything themselves!)
- Even though the contracts allowed for risk-sharing, Wikipedia notes:
The costs of the venture should have been lessened by the contracts signed by the IT providers making them liable for huge sums of money if they withdrew from the project; however, when Accenture withdrew in September 2006, then Director-General for NPfIT Richard Granger charged them not £1bn, as the contract permitted, but just £63m. Granger's first job was with Andersen Consulting, which later became Accenture.
One could argue that the fault in this case lay partly with the customer (the government) managing the project poorly, but the fact that Granger used to work for the very contractor he had let off lightly (this is known as the "revolving door" problem), casts doubt on the objectivity of this decision! Anyway, either way, this just goes to show that it's not as simple as saying "force the contractors to share the costs of failure, and this will fix the incentive problem".
So I think we need to look deeper to the causes. Some might claim that the proximate causes of the problem are methodological: "they should have used an agile development methodology", or whatever. Let's assume for the sake of argument that the project management methodology was at fault. But if the incentives are aligned appropriately, contractors should automatically pick the best methodology, or the one most likely to succeed! That's just basic economics. Even if the government stipulates the methodology, even if the government stipulates just about anything you can think of, economics suggests that firms should avoid such contracts and prefer contracts with good methodologies, which will incentivise governments to either stipulate good methodologies, or leave the choice of methodology open.
The problem is, this simplistic economic theory does not map to reality.
I think the deeper, underlying problem is the principal-agent problem within large, sprawling corporations: managers often do not face sufficient penalties for failure, sometimes they can escape entirely unscathed by blaming others, people are rewarded for winning government contracts regardless of the corporation's actual ability to deliver (this seems intuitively like a good idea - after all, winning fat government contracts is inherently good, right? - but it may not be in reality, as some of the National Programme for IT contractors discovered). And ultimately, contractors have to fall back on attempting to do extremely dubious post-hoc negotiations, perhaps threatening legal action, to avoid any contractual penalties that may theoretically be in place. Instead of... you know, actually doing the work properly in the first place.
Further evidence for this thesis comes from the fact that a large proportion of private sector IT projects also fail or go overbudget - we just don't hear about them in the media so much, because corporations often don't like to talk about them. So this problem is not actually specific to government contracts - it's something that relates to the intersection of information technology's complexities, and large corporations' uneven internal accountability.