Pursuant to a congressional request, GAO presented information on: (1) how federal agencies obtain, verify, use, and protect personal data; (2) how individuals are made aware of information collected about them; (3) what telecommunications and network facilities agencies' systems use to transmit data; and (4) what effect new technologies have on the sharing of personal data.

GAO found that: (1) agencies reported that, as of January 1989, they collected and stored personal information on individuals in approximately 2,000 predominantly computerized systems; (2) agencies reported that they obtained personal information from various sources, sometimes more than one; (3) agencies obtain and verify information from third-party sources; (4) information in 509 of the 910 largest systems can be accessed by a variety of organizations, such as other agency components within cabinet-level departments; (5) security controls are needed to protect the personal information stored and processed in computer systems from unauthorized disclosure and modification; and (6) computers and communications technologies have enabled agencies to use personal information in new applications designed to detect and prevent fraud, waste, and abuse.