The Office of Personnel Management needs to do more to ensure privacy when conducting federal employee background investigations, according to a report by the Government Accountability Office.

The OPM’s Federal Investigative Services (FIS) conducts more than two million background checks each year that contain extensive amounts of personal information. While privacy protections are in place for OPM background checks, there are shortcomings in how these protections are carried out, including limited oversight of privacy impact assessments and limited monitoring of how these privacy protections are implemented in the field and by customer agencies.

OPM’s oversight for these assessments, called privacy impact assessments (PIA), doesn’t require that privacy risks be analyzed and mitigation strategies be identified. “Consequently, OPM cannot be sure that potential risks associated with the use of PII in its information systems have been adequately assessed and mitigated,” the report stated.

Even though the FIS has developed agreements with customer agencies for protection of personal information, it does not monitor customer agencies’ implementation of these policies.

“Without oversight processes for monitoring investigators’ and customer agencies’ adherence to its personally identifiable information protection policies, OPM lacks assurance that its privacy protection measures are being properly implemented,” the GAO concluded.

The report recommended that OPM:

  • Develop guidance for privacy impact assessments that includes an analysis of privacy risks and mitigating techniques.
  • Ensure that all existing privacy impact assessments adhere to the guidance.
  • Perform periodic, structured evaluations to ensure that field investigators are protecting personally identifiable information.
  • Develop and implement procedures for monitoring customer agencies’ adherence to the privacy provisions.

OPM officials agreed with the recommendations. However, they said they have recently instituted procedures to check compliance of privacy protection during investigations.

Related News

Eric Pecinovsky is the Director of Marketing for, focusing on brand development, web site traffic growth, product development. Build and maintain relationships with all departments who support the product line. Support cross-functional initiatives. Assess the competitive landscape. Development of brand/product strategy.