Information Security: Agency Responses to Breaches of Personally Identifiable Information Need to Be More Consistent

Citation
Government Accountability Office, Information Security: Agency Responses to Breaches of Personally Identifiable Information Need to Be More Consistent (GAO-14-34) (Dec. 9, 2013) (full-text).

Overview
The GAO was asked to review issues related to PII data breaches. The report's objectives are to (1) determine the extent to which selected agencies have developed and implemented policies and procedures for responding to breaches involving PII and (2) assess the role of DHS in collecting information on breaches involving PII and providing assistance to agencies.

GAO made 23 recommendations to OMB to update its guidance on federal agencies' response to a data breach and to specific agencies to improve their response to data breaches involving PII.