Security lapses found at CDC bioterror lab in Atlanta

A federal bioterror lab already under investigation by Congress for safety issues has had repeated incidents of security doors left unlocked to an area where experiments occur with dangerous germs, according to internal agency e-mails obtained by USA TODAY. In one incident, an unauthorized employee was discovered in a restricted area.

A Centers for Disease Control and Prevention spokesman said the unsecured door incidents in 2010 and 2009 inside a high-containment area of its Emerging Infectious Diseases Laboratory in Atlanta were "not an acceptable practice of the agency." At no time were bioterror organisms like anthrax at risk of falling into the wrong hands, because of multiple layers of security, the CDC's Tom Skinner said.

The e-mails document doors being left unlocked in the building's high-containment lab block, which includes an animal-holding area and Biosafety Level 3 labs, where experiments are done on microbes that can cause serious or potentially fatal diseases and can be spread through the air. Anthrax, monkeypox, dangerous strains of influenza and the SARS virus are examples.

According to an April 29, 2010, e-mail to more than a dozen agency officials, CDC Safety and Occupational Health Manager Patrick Stockton wrote that earlier that day "an individual with no access and no escort" was found in the high-containment area. "He did not have access and at this point we are not sure how he got there."

Stockton wrote that he found two doors unlatched and unsecured in the area. "It is imperative that all doors leading to high containment remain secured," he wrote, noting that the staff's failure to secure doors "seems to be a common failure point." A 2009 e-mail from Stockton documented a similar problem in the BSL-3 area.

Skinner said the unauthorized man in the 2010 incident was a CDC scientist but was not immediately able to provide further details about why he was in the restricted area. Skinner said he's unaware of any further door security incidents after 2010.

Rutgers University biosafety expert Richard Ebright said the incidents described in Stockton's e-mails may be a "major violation" of security standards for labs that work with bioterror agents. Ebright said these and other issues at the lab building "make it clear that there has been a pattern of corner-cutting and negligence at CDC biocontainment facilities."

Problems with the airflow systems in the building revealed by USA TODAY, including a February incident where air briefly blew out of a lab into a "clean" hallway, prompted the House Energy and Commerce Committee this week to launch a bipartisan investigation. The CDC is responsible for inspecting its labs.

A 2009 report by the U.S. Government Accountability Office noted that insiders working at bioterror labs can pose risks, citing the alleged role of a U.S. Army scientist in the 2001 anthrax attacks.

"There are arguably two aspects to insider risk: the motive of the insider and the ability to misuse material and laboratory facilities," the GAO report said.