HHS No. 2 doesn't recall elevating security worry

RICARDO ALONSO-ZALDIVAR

January 17, 2014 at 1:23 PM

FILE In this Oct. 28, 2009 file photo, Health and Humane Service Deputy Secretary William Corr testifies on Capitol Hill in Washington. Coor, the second-in-command at the federal Health and Human Services department says he doesn’t recall relaying security concerns about the administration’s health insurance website to higher-ups. (AP Photo/Haraz N. Ghanbari, File)

WASHINGTON (AP) — The second-in-command at the federal Health and Human Services Department says he doesn't recall reporting security concerns about the administration's health insurance website to higher-ups.

Deputy Secretary William Corr "has no recollection" of relaying concerns passed on to him by the department's top technology officer to his own boss, Secretary Kathleen Sebelius, or with White House officials, spokeswoman Joanne Peters said.

Corr and Sebelius both have offices on the sixth floor of the HHS building, overlooking the National Mall. Over the summer and into early fall, the department was working frantically to meet a self-imposed Oct. 1 deadline for the start of the first open enrollment season under President Barack Obama's health care law. That's also when the website was scheduled to go live.

HHS chief information officer Frank Baitman testified to Congress this week that he learned days before the launch that senior cybersecurity experts inside the department were balking at signing a required operational certificate. The problem: Security testing had not been completed because the website was getting constant technology tweaks and also was crashing. Baitman said he passed that information on to Corr and another top official.

HealthCare.gov is the online portal to coverage under Obama's law. It was overwhelmed by multiple technical problems when it launched and was out of commission most of October. Major computer issues have since been resolved, and most consumers are able to sign up. But questions remain about how and why the administration bungled the rollout.

Baitman told the House Oversight and Government Reform Committee this week that on Sept. 20 the chief information security officer for the Centers for Medicaid and Medicare Services, Teresa Fryer, outlined her concerns during a teleconference. CMS is the department division running the website.

A second cybersecurity professional senior to Fryer, the chief information officer of CMS, was also uncomfortable with signing the operational and security certificate, which is a requirement for federal technology projects.

"I shared it with a few people," Baitman said, naming Corr and E.J. "Ned" Holland, the department's assistant secretary for administration.

"I thought it was noteworthy that the chief information security officer for CMS had expressed that she was uncomfortable signing it," Baitman added. He said he didn't consider that a "red flag," but he wanted to share it with senior officials.

The security certificate was finally signed on Sept. 27 by Marilyn Tavenner, the administrator of Medicare and Medicaid, whose background is in hospital administration, not technology.

It amounted to a temporary six-month permit, coupled with a series of measures to address possible security vulnerabilities. Without complete security testing ahead of the launch, it wasn't possible to assess how well the site would stand up to hackers. Fryer testified that testing was successfully completed on Dec. 18, and she would be willing to sign off now. There have been no successful attacks on the site.

Corr, the No. 2 HHS official who was alerted by Baitman, plays a behind-the-scenes role.

Corr got his start in health care in the 1970s, running clinics in rural areas of Tennessee and Kentucky. He later served as a senior staffer to House and Senate Democrats and worked as HHS chief of staff during President Bill Clinton's administration. Before returning to government service in 2009, he was executive director of the Campaign for Tobacco-Free Kids.

Yahoo Sports
Broncos, Jets, Lions and Texans have new uniforms. Let's rank them
Which new uniforms are winners this season?
1d ago
Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
3d ago
Yahoo Finance
Jamie Dimon is worried the US economy is headed back to the 1970s
JPMorgan's CEO is concerned the US economy could be in for a repeat of the stagflation that hampered the country during the 1970s.
2d ago
Yahoo Sports
Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill
Vincent Goodwill and Tom Haberstroh break down last night’s NBA Playoffs action and preview several games for tonight and tomorrow.
1d ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
5d ago
Autoblog
These are the cars being discontinued for 2024 and beyond
As automakers shift to EVs, trim the fat on their lineups and cull slow-selling models, these are the vehicles we expect to die off soon.
2d ago
Yahoo TV
Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.
Ryan Gosling, who starred in the skit, couldn't keep a straight face — and neither could some of the "Saturday Night Live" cast.
2d ago
Yahoo Sports
Ryan Garcia drops Devin Haney 3 times en route to stunning upset
The 25-year-old labeled "mentally fragile" by many delivered the upset for the ages.
5d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
3d ago
Yahoo Sports
Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal
Dan Wetzel, Ross Dellenger & SI’s Pat Forde react to the huge performance this weekend by Texas QB Arch Manning, Michigan and Notre Dame's spring games, Jaden Rashada entering the transfer portal, and more
3d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
5d ago
Yahoo Life
Here’s when people think old age begins — and why experts think it’s starting later
People's definition of "old age" is older than it used to be, new research suggests.
3d ago
Yahoo Sports
NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?
Our NBA writers weigh in on the first week of the playoffs and look ahead to what they're watching as the series shift to crucial Game 3s.
5h ago
Autoblog
UPS and FedEx find it harder to replace gas guzzlers than expected
Shipping companies like UPS and FedEx are facing uncertainty in U.S. supplies of big, boxy electric step vans they need to replace their gas guzzlers.
8h ago
Yahoo Finance
Retirement confidence in the US ticks up; new rule for financial advisers is set to start
Two-thirds of Americans reported that they feel confident they have enough money for a comfortable retirement, up a notch from last year.
11h ago
Yahoo Finance
Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock
Trump is entitled to an additional 36 million shares if the company's share price trades above $17.50 "for twenty out of any thirty trading days" over the next three years.
2d ago
Yahoo Sports
Lions' new uniforms get leaked early, and they find some humor in it
The Lions' new uniforms got released prematurely.
7d ago
Yahoo Sports
2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5
Our final 2024 mock draft projects four quarterbacks in the first five picks, but the Cardinals at No. 4 might represent the key pivot point of the entire board.
4d ago
Yahoo Sports
Charlie Woods, Tiger Woods’ 15-year-old son, fails to advance in U.S. Open qualifier
Charlie Woods shot a 9-over 81 in the first stage of U.S. Open qualifying on Thursday in Florida.
1h ago
Yahoo Sports
Dylan Edwards set to be latest Colorado running back to enter transfer portal
All four rushers who had more than 10 carries in 2023 for the Buffaloes are transferring.
2d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

David Pecker returns to witness stand in Trump's hush money trial

HHS No. 2 doesn't recall elevating security worry

Recommended Stories

Broncos, Jets, Lions and Texans have new uniforms. Let's rank them

Based on the odds, here's what the top 10 picks of the NFL Draft will be

Jamie Dimon is worried the US economy is headed back to the 1970s

Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

These are the cars being discontinued for 2024 and beyond

Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal

Here’s when people think old age begins — and why experts think it’s starting later

NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?

UPS and FedEx find it harder to replace gas guzzlers than expected

Retirement confidence in the US ticks up; new rule for financial advisers is set to start

Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock

Lions' new uniforms get leaked early, and they find some humor in it

2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5

Charlie Woods, Tiger Woods’ 15-year-old son, fails to advance in U.S. Open qualifier

Dylan Edwards set to be latest Colorado running back to enter transfer portal