June 1, 2023

Access of Executive Branch Personnel Records

In June 2019, the Clearance Action Tracking System (CATS) became the Department of Energy’s official case management system for clearance processing and adjudication.  CATS is an unclassified custom-built, web-based case management system that is used to facilitate counterintelligence evaluations and the processing and adjudication of personnel security clearances under 10 Code of Federal Regulations (CFR) 709, Counterintelligence Evaluation Program and 10 CFR 710, Procedures for Determining Eligibility for Access to Classified Matter and Special Nuclear Material, respectively.  CATS contains extensive amounts of personally identifiable information, including social security numbers, names of family members, addresses, personal history, and more.

In October 2021, the Office of Inspector General was contacted by the National Nuclear Security Administration (NNSA) requesting assistance from the Office of Inspector General after an internal review identified the potential misuse of CATS and its data.  In part, the NNSA official alleged that security files for certain Executive Branch officials, including the President and Vice President of the U.S., had been accessed in CATS without explanation.  We initiated this inspection to determine whether the Department effectively managed security over CATS.  During our inspection, we noted a lack of processes to prohibit counterintelligence evaluations of certain Executive Branch employees that warrants immediate actions and the issuance of this special report.  This report will ensure that management is provided with the opportunity to initiate immediate actions to address risks identified within the Department’s adjudicative process. 

We substantiated the allegation that records for the President and Vice President were accessed by a Department support contractor although Federal requirements indicate they were not subject to counterintelligence evaluations under 10 CFR 709, Counterintelligence Evaluation Program.  We also determined that other members within the Executive Branch who are not subject to evaluations under 10 CFR 709, including those in current and prior Administrations, had their records accessed by Department and support contractor personnel.  Access to security records of the President, Vice President, and high-ranking Federal executives that are not within the scope of the Department’s counterintelligence evaluation regulations in 10 CFR 709 occurred because NNSA and Office of Intelligence and Counterintelligence officials did not adhere to these requirements.  Instead, NNSA officials told us that they followed requirements contained within two different sources issued by the Department. 

This report contains three recommendations that, if fully implemented, should help ensure that access to personally identifiable information is adequately controlled and counterintelligence evaluations are performed on appropriate officials in accordance with applicable Federal guidance.  Management fully concurred with Recommendation 1 and Recommendation 3 and partially concurred with Recommendation 2.  Management’s proposed corrective actions were responsive to all three recommendations.