I've put in many RFQs on government dollars at universities, national labs, and private businesses (I've never been a direct employee of the government). All the law requires is that I get a quote (which usually turns out to be a no-bid) from a minority or woman owned business, and if that quote comes in over, the money still goes to the lowest bidder. The only extra cost is my time in getting another quote. Fair enough.
Pretty much every extra cost that I see comes about because someone abused the system in that specific way that the rule addresses. You can simply look at the process and see, ah, that rule or requirement was instituted because someone was either dumb or dishonest. No matter how rare or unlikely to occur again, however, the bureaucracy will institute a rule or procedure. Because that's what bureacracies do, private or public.
Toss in empire-building and that explains most of it. Though honestly the national labs have been far better places to work than the businesses or universities. Businesses are just as subject to these tides of human behavior as governments. They're just not as transparent, and you get fired for making them public.
I'm not saying this was that Healthcare.gov was the most efficient use of resources ever. On the other hand, the Facebook comparison is ludicrous. FB didn't have to serve 40 million users on day one; they got to scale up slowly. HC.gov is in the unenviable position of having to have a system which will handle millions of users (and almost certainly an overload) the moment it opens, then never having to handle that great a load again. In addition to having to do it in a way that absolutely protects the users HIPAA PII (so don't say cloud), unlike FB, which is in the business of making PII public and faces no penalties if it gets hacked.