NASA’s Privacy Program

View Report

Date Issued

Tuesday, December 19, 2023

Submitting OIG

National Aeronautics and Space Administration OIG

Other Participating OIGs

National Aeronautics and Space Administration OIG

Agencies Reviewed/Investigated

National Aeronautics and Space Administration

Report Number

IG-24-006

Report Description

Like other federal agencies, NASA collects personally identifiable information, or PII. The Agency’s high-profile mission and broad connectivity with the public make it susceptible to increased privacy risks. While it has a comprehensive privacy program, NASA needs to take additional steps to better protect individuals’ personal information that it collects, uses, and maintains.

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Open Recommendations

This report has 2 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
5	No	$0	$0
Ensure that designated members of a Breach Response Team participate in a tabletop exercise, at least annually.
6	No	$0	$0
Require those with specific security and privacy roles to take privacy role-based training.