The GAO Report released July 28, 2011 highlighted what amounts to mixed progress in agencies’ effort to use social media to inform and engage the the public, citing concerns in managing and identifying federal records, protecting personal information, and ensuring the security of federal information and the systems that host that information.

Specifically, GAO reported that in the areas of:

Records management: 12 of the 23 agencies have developed and issued guidance that outlines processes and policies for identifying and managing records generated by their use of social media and record-keeping roles and responsibilities.

Privacy: 12 agencies have updated their privacy policies to describe whether they use personal information made available through social media, and 8 conducted and documented privacy impact assessments to identify potential privacy risks that may exist in using social media given
the likelihood that personal information will be made available to the agency by the public.

Security: 7 agencies identified and documented security risks (such as the potential for an attacker to use social media to collect information and launch attacks against federal information systems) and mitigating controls associated with their use of social media.