Many government agencies need to update their privacy and records management to keep up with new social media, according to a Government Accountability Office Report released Thursday.
"Federal agencies increasingly use recently developed Internet technologies that allow individuals or groups to create, organize, comment on, and share online content," the report noted. "However, these services may also pose risks to the adequate protection of both personal and government information."
The GAO surveyed 23 major agencies, including the departments of Homeland Security, Defense, and Commerce. About half had developed new records management and privacy policies. A third had conducted assessments of privacy and cybersecurity.
According to the report, some agencies asserted that existing policies already cover social media. That, the GAO says, is a mistake.
"Social media technologies present unique challenges and risks, and without establishing guidance and assessing risks specific to social media, agencies cannot be assured that they are adequately meeting their responsibilities to manage and preserve federal records, protect the privacy of personal information, and secure federal systems and information against threats," the report concludes.
Among the agencies that had not done anything to evaluate or update their polices were NASA, the Social Security Administration, Small Business Administration, and the U.S. Agency for International Development, according to the report.
All other departments surveyed had taken at least some steps.
The GAO report recommends that agencies update policies to explicitly describe how personal information collected through social media may be used, as well as conduct surveys of potential privacy and cybersecurity risks.