, , ,

Managing and Protecting Information on Social Networks

GAO recently did a study of Federal agencies using various social media sites. Since many agencies have started to explore how to use social media to achieve the objectives of the agencies mission, the GAO wanted to explore how social media services may pose risks to both personal and government information.

The GAO was tasked with studying the following:

  • Describe how federal agencies are currently using commercially provided social media services
  • Determine the extent to which agencies have developed and implemented policies and procedures for managing and protecting information associated with this use.

To achieve these goals, GAO examined Facebook, Twitter and YouTube accounts of 24 major federal agencies. The GAO aso reviewed pertinent policies, procedures, and guidance. GAO also interviewed agency officials who are using social media on behalf of the agency.

Some of the key findings of the report where that agencies ensure appropriate record management, privacy and proper security measures. A brief summary of the findings is below:

Records Management

  • 12 of the 23 agencies have developed and issued guidance that outlines processes and policies for identifying and managing records generated by their use of social media and record-keeping roles and responsibilities.


  • 12 agencies have updated their privacy policies to describe whether they use personal information made available through social media, and 8 conducted and documented privacy impact assessments to identify potential privacy risks that may exist in using social media given the likelihood that personal information will be made available to the agency by the public.


  • 7 agencies identified and documented security risks (such as the potential for an attacker to use social media to collect information and launch attacks against federal information systems) and mitigating controls associated with their use of social media.

View the Complete Report Here: Social Media: Federal Agencies Need Policies and Procedures for Managing and Protecting Information They Access and Disseminate

The GAO broke down the findings by agency.

Highlights (1 Page Overview of Report)

How are you agencies covering records management, privacy and security?

Leave a Comment


Leave a Reply

Susan Thomas

@Patrick, Thank you for this post. I am researching social media use in government and this material is helpful.

Pat Fiorenza

Not a problem, Susan! Appreciate the feedback. Cool you are doing some research on social media in government – what aspects of social media in government? I did some research last year on policies & measurement.