Skip to main content
  1. News
  2. Politics
  3. Policy & Issues

Top security officer says she recommended delaying rollout

See also

A top security officer told Congress this week that recommendations she made to limit access to the site owing to serious vulnerabilities were overruled by higher-ups in the Obama administration. CBS News’s Sharyl Attkisson has the story:

Teresa Fryer, the chief information security officer for the Centers for Medicare and Medicaid Services (CMS) … was interviewed Tuesday behind closed doors by House Oversight Committee officials. The security risks were not previously disclosed to members of Congress or the public. Obama administration officials have firmly insisted there’s no reason for any concern regarding the website’s security.


Details are not being made public for security reasons but Fryer testified that one vulnerability in the system was discovered during testing last week related to an incident reported in November. She says that as a result, the government has shut down functionality in the vulnerable part of the system. Fryer said the other high-risk finding was discovered Monday. [Emphasis added]

In another security bombshell, Fryer told congressional interviewers that she explicitly recommended denial of the website’s Authority to Operate (ATO), but was overruled by her superiors. The website was rolled out amid warnings Fryer said she gave both verbally and in a briefing that disclosed ‘high risks’ and possible exposure to ‘attacks.’

[Video of interview with committee chairman Darrel Issa.]

“My recommendation was a denial of ATO," Fryer told the committee during her day-long testimony. She told House members that her first recommendation to then-CMS chief information officer Tony Trenkle was made soon after the launch of the website on Oct. 1. She said, "I had discussions with him on this and told him that my evaluation of this was a high risk." Trenkle retired from his CMS job on Nov. 13.

This is the first time a government insider has gone on record challenging the administration's insistence that there were no worrisome security concerns.

When confronted with Fryer’s claims, Health and Human Services Secretary Kathleen Sebelius issued a denial, saying, "I can tell you that no senior official reporting to me ever advised me that we should delay.” But Fryer maintains that she briefed Sebelius' top information officers at HHS in a teleconference Sept. 20, urging that the website launch be delayed for security reasons.

Fryer further testified that the the participants in the conversation included's chief project manager Henry Chao, HHS chief information security officer Kevin Charest, and HHS Deputy Assistant Secretary for Information Technology Officer Frank Baitman. She says she was advised three days later that her advice was not going to be followed.

Related Articles

For more articles and headlines, be sure to check out Liberty Unyielding. Follow me on Twitter or join me at Facebook.



  • Mt. Everest avalanche
    Disaster strikes Mt. Everest as at least 12 people were killed in an avalanche
    Watch Video
  • Most Earthlike planet discovered
    The Kepler telescope has discovered the most Earthlike, possibly habitable planet yet
    Space News
  • Easter crosses create debate
    Easter crosses spark a debate of separation of church and state in Ohio
  • Chelsea Clinton is preggers
    Former first daughter Chelsea Clinton is pregnant with her first child
  • Stanley Cup playoffs
    The battle for Lord Stanley's Cup is on, don't miss a minute of playoff action
  • Ukraine discussed amongst U.S., E.U., Russia
    The U.S., E.U. and Russia agree on ways to diffuse the tension in Ukraine
    Watch Video

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about and apply today!