Roll Call: Latest News on Capitol Hill, Congress, Politics and Elections
April 23, 2014

Issa’s Quest Continues to Expose HealthCare.gov Security Gaps

Oversight and Government Reform Chairman Darrell Issa is on a quest to prove there are vast security gaps on HealthCare.gov, and he and his staff think they may have just hit a goldmine.

On Dec. 20, the California Republican’s office released selected portions of a Dec. 17 interview between the committee and Teresa Fryer, the chief information security officer at the Centers for Medicare and Medicaid Services.

According to the excerpts, Fryer urged her colleagues against issuing authority to operate approval for the website — which is meant to facilitate enrollment into the insurance exchanges mandated by the 2010 health care law — due to potential cybersecurity vulnerabilities. (An ATO order is like a green light to launch a site.)

Additional transcribed excerpts from the committee’s Dec. 4 grilling of Tony Trenkle, the former chief information officer for CMS, could give Issa and his team more fodder: Portions of the interview, obtained by 218, show that Trenkle doesn’t “recall” cautions from Fryer about proceeding with the Oct. 1 launch of the website.

According to the transcript, Trenkle said he “heard concerns” about potential issues with the website and he received multiple briefings on the progress being made prior to the launch, but said repeatedly that he wasn’t able to remember certain dates, key details or who was involved in certain discussions.

“When asked if he got feedback from his chief security advisor Teresa Fryer on going ahead with the Oct 1 launch, Trenkle told the committee, ‘Not that I recall,’” Issa spokesman Frederick Hill said in an email. “Fryer’s stark testimony about the warnings she gave Trenkle and others has opened up new questions about the candor and credibility of [Health and Human Services] officials who made the disastrous decision to go forward with the October 1 launch against expert advice.”

Here’s an excerpt of an exchange between Fryer and the committee from Dec. 17, which Issa and his cohorts argue tells a very different story than the one Trenkle, who resigned in mid-November, relayed to the committee.

Fryer: My recommendation was a denial of an ATO.

Committee: Who did you make that recommendation to?

Fryer: To my management. To the authorizing official.

Committee: Which is who?

Fryer: Tony Trenkle.

Committee: And did you do that in person?

Fryer: Yes, and it was during the security testing when the issues were coming up about the availability of the system, about the testing in different environments. I had discussions with him on this and told him that my evaluation of this was a high risk.

Team Issa might have something substantial to show for its dogged efforts to expose incompetence in the Obama administration, but it faces somewhat of an uphill battle in getting people to see the information outside a partisan filter.
Issa has come under fire over the past week for releasing subpoenaed materials without first attaining a majority vote from the full Oversight and Government Reform Committee, which could run afoul of House rules. Even Minority Leader Nancy Pelosi, D-Calif., has joined in, calling for Speaker John A. Boehner, R-Ohio, to compel Issa to stand down.
He is also being slammed by his ranking member, Rep. Elijah E. Cummings, D-Md., who says the releases are not only breaking precedent, but have been taken entirely out of context.
“Chairman Issa’s reckless pattern of leaking partial and misleading information is now legendary for omitting key information that directly contradicts his political narrative,” Cummings said in a statement last week. ”This effort to leak cherry-picked information is part of a deliberate campaign to scare the American people and deny them the quality affordable health insurance to which they are entitled under the law.”
Cummings’ team has made public its own portions of the Fryer transcript, which reportedly show that her concerns about HealthCare.gov’s security risks — and her recommendation not to approve the ATO for the site’s launch — were assuaged seven days later, when additional risk mitigation strategies were established that rendered that “no” recommendation all but moot.
Fryer also told the committee that ”there have been no successful attempts of any of these types of attacks … no successful breaches [or] security incidents,” and that the website’s systems ”exceed” the standards established by the National Institutes of Standards and Technology pursuant to the Federal Information Security Management Act.
Oversight and Government Reform Committee Democrats also had a counter to the Republicans’ use of Trenkle’s testimony: ”During his own transcribed interview with Committee staff, Mr. Trenkle — who has decades of experience with IT systems and was not a political appointee — stated that the mitigation strategy addressed the risks outlined in the ATO on Sept. 27,” they wrote in a Dec. 20 release.
  • NICKinNOVA

    Another partial transcript released by Issa to make some claim that is instantly disproven once the full transcript is released. Issa continuously puts out partial transcripts that often leave out the parts disproving his claims.

    • ThomasD

      The full transcript you speak of is from a House Committee, so it is already public record. If there is something in there that provides a different take on the reported lack of security, or the denial of authority to operate by the responsible party then please feel free to quote it.

      Otherwise you have nothing.

    • Rick Caird

      Where did you get that talking point, again? Did it come from Media Matters or Think Progress?

  • http://www.politicalbase.com/profile/jnail/blog/ JJNSTANG

    Maybe Issa should focus on Target and their 40 million credit cards breached.

    • WilliamK

      Ah, target came clean with the breach. HHS is trying to bury it.

      • amr

        HHS is not requirewd to tell you that your personal data been hacked. They refused to do so and are beyond suing; not so for Target.

  • DrSquishy

    It isn’t stopping people from signing up for health care.

    • ThomasD

      No the Obama administration is doing that all by themselves.

    • John in Chicago

      Faced with cancelations of their current policies by the government and under the threat of fines and imprisonment they have no choice you fool.

      • greggy44

        Sorry, “you fool,” all have the choice to pay the fine and, of course, still not have health insurance. And if one is a wing nut freak, such as yourself, that’s exactly the sort of move I would expect. And then watch you show up at the emergency room and expect to be treated for falling off your tricycle.

        • John in Chicago

          Only a liberal fool could take numbers posted by the government of policies people are FORCED to buy and post them as a “success: of that policy. That’s the same as saying everybody supports the government as a whole because were forced to pay taxes. Your the liberals useful idiot Greg. Wake up.

          • greggy44

            It’s INSURANCE! If you owned ANYTHING of value you’d already be paying INSURANCE and realize that! But, being a wing nut, you think medical care should a commodity reserved only for the few that can afford US health care costs.

          • John in Chicago

            Insurance( a product) that the American people are FORCED to buy. And at higher cost then the product they had before. You can’t force someone to buy a product then use the numbers of the product sold as an affirmation of that products success. Smart people understand that. Grow up Greg.

          • greggy44

            “. . . American people are FORCED to buy.”

            That’s right, just like mortgage insurance or car insurance. Nobody is being “Forced” to buy anything. You don’t want insurance? Pay the fine and stop whining.

          • John in Chicago

            You couldn’t be more mistaken, Greggy. I can CHOSE not to own a car and not pay insurance. I can CHOSE not to own a home and pay for insurance. But now the ACA has FORCED me to pay for other peoples health insurance even though I was already paying for their emergency care by law. And those other people? They were always going to vote for the democrats anyway. this was just another handout. The ACA has p!ssed off tens of millions who were perfectly content with the previous status quo. And they either provided their own insurance or had it as part of the employment benefit package.
            And they vote too, Greggy. And because they actually produce they don’t automatically vote for the party of free stuff. You p!ssed off the wrong people Greggy.

          • greggy44

            You also don’t have to live, so why do you? “I” pissed off the wrong people? Exactly how far down the rabbit hole have you gone? The ACA opposition, once the people who think it doesn’t go far enough, are removed doesn’t even hit 40%!

        • bubba_shawn

          I thought you liberal Kool Aid drinkers were all about “choice”. So why do attack with derogatory name calling Americans who take the choice of not risking identity theft signing up for ObamaCare?

          • greggy44

            Really? Give me numbers that demonstrate that your “concern” about “identity theft” are at all valid at the healthcare web site. And, by the way, one need not sign up for the ACA, one is fully able to get health insurance one’s self, as long as that policy conforms with the new guidelines.

  • Laka

    The article clearly states that all of the security concerns were mitigated within seven days. Bada-Bing, Bada-Boom. Done. Forget about it. They’re regular geniuses with websites. Drink your cocoa, Pajama Boy, and don’t worry about anything.

  • WilliamK

    People putting their info into HC.gov are test tube examples of financial Darwinism.

  • emceemc

    Issa is all bombast. He releases these statements on a weekly basis and nothing ever comes of them, ever. No real journalist would even report them any more.

    • Hawkeye72

      You’ve got it right. Issa,Boehner,McCain,McConnell,Graham. Not one of them has any cajones. That’s why we still have a communist muslim as president. Issa’s hearings are just a waste of tax payer money. I knew that the day Learner flipped him the bird and walked right out of there.

  • tpartynitwit

    I’m gonna take out a policy on Darrell, if you know what I mean. Don’t stand near his car, capiche?

  • 5466ron

    Issa is ineffective, he should be replaced by Trey Gowdy.

  • John in Chicago

    Thank you Darryl Issa for continuing to expose the most corrupt administration since Nixon.

  • amr

    The lady was the second person to refuse to sign off on the security system. The first person resigned rather than sign off. I don’t know if he has talked to the House committees.

  • bubba_shawn

    The $90 penalty is cheap insurance against identity theft that anybody risks signing up on the ObamaCare web site.

    Hackers are drooling over the opportunity to empty back accounts and apply for credit on the suckers that are signing up.

  • Santiago Alemedia

    I have yet to see anything come from the antics of Daryl Issa. He’s not stopped one bit of govt waste, fraud, duplication. He’s wasting so much time “investigating” Obama admin, but only seems to be raising money for his next campaign. His road show of pretend hearings is pathetic,

    He’s a big, bad bloviator, but when it comes to actually getting something done, Issa is a faker and a phony.

  • Charles Wolf

    Issa’s Quest Continues to Expose HealthCare.gov Security Gaps

    The front page headline is misleading.
    The story above more accurately could be headed:

    Issa’s Quest Continues to Expose Issa’s Slimy Tactics
    Calls for Him to Step Down Increase.

  • NICKinNOVA

    Issa is doing nothing but releasing partial transcripts to paint a picture that always dissolves once the whole transcript, and not his cherry picked lines, are published: http://touch.latimes.com/#section/-1/article/p2p-78627159/

  • TresAmigos78

    Obama is seriously delusional.

  • Defend Liberty
  • Montesquieu

    An intro to the destruction of medical care in these united states by the delusional marxists of the Obama regime: http://thehill.com/blogs/healthwatch/health-insurance/191005-cancellations-are-coming-for-millions-more

  • Fresh Mountain Air

    In a related video liar-in-chief Hussein Obama lies to the face of the American people about keeping their insurance and their doctor: http://www.youtube.com/watch?v=H8spP856AMY

  • Socialism is Organized Evil

    In a related video liar-in-chief Hussein Obama lies to the face of the American people about keeping their insurance and their doctor: http://www.youtube.com/watch?v=H8spP856AMY

Sign In

Forgot password?

Or

Subscribe

Receive daily coverage of the people, politics and personality of Capitol Hill.

Subscription | Free Trial

Logging you in. One moment, please...