COVID-19 Vaccines and the Lessons Learned from H1N1

As the federal government responds to the coronavirus pandemic, we here at GAO have been monitoring the response efforts—including reviewing COVID-19 vaccine development and authorization. Today’s WatchBlog explores our past work on vaccine distribution and lessons learned from the H1N1 pandemic response.

Public expectations matter

In the summer of 2009, the Department of Health and Human Services (HHS) told states, localities, and the public to expect that more than 100 million doses of the H1N1 vaccine would be available by October of that same year. But by the end of October, less than 17 million doses had been shipped out. The vaccine wasn’t widely available until December of that year. When reality didn’t meet the public expectations set by HHS, government credibility took a hit. State and local health departments had to cancel planned vaccination clinics and change their public messaging when the H1N1 vaccine wasn’t available when expected. A subsequent Gallup survey found that 54% of adults said that the federal government did a poor or very poor job providing vaccination supplies.

Flexibility is valuable but can cause confusion

States and localities had flexibility in their vaccine distribution plans, which officials told us they valued because they could make adjustments to meet local needs. However, differences in how jurisdictions distributed the vaccine led to confusion and the appearance of inequity in some cases. For example, in the state of Washington, two neighboring counties differed in their initial target groups for vaccines—1 included teachers, the other did not and distributed initial supplies to physicians to vaccinate their patients. In the Northeast, states began vaccinating the general public at different times. Although the Centers for Disease Control and Prevention (CDC) officials told the public to expect differences in distribution, there was still confusion. State, local, and federal officials all supported flexibility in distribution, but this experience highlights the potential for confusion.

Centralized distribution was useful, but minimum dose size was problematic

Overall, association and state officials thought that the use of a central vaccine distributor—building off CDC’s existing Vaccines for Children program—was effective. One association said the use of the central distributor was a “best” practice during the H1N1 pandemic response because the central distributor was already in place and in operation. However, the central vaccine distributor’s 100-dose minimum order for shipment caused problems in some states and territories that were distributing the vaccine to smaller providers. One state reported having to hire a contractor to receive and repackage the shipments before distributing. 

COVID-19 vaccine development

GAO has been monitoring the federal government’s response to the COVID-19 pandemic, including efforts to accelerate the development, manufacturing, and distribution of COVID-19 vaccines. Much of what we’ve reported is in line with these previous lessons learned. For example, we cited the importance of timely, clear, and consistent communication to state and local health officials, stakeholders, and the public about vaccine availability to ensure public confidence and encourage vaccine use. We also reported on the interim planning documents for vaccine distribution released last year and areas in which state and local public health officials and providers were seeking more guidance. As the federal government response to COVID-19 moves from vaccine development and authorization to distribution, we will continue to monitor and report on these efforts.

Posted in About GAO, Collections, Coronavirus | Tagged , , , , , , , , , | Leave a comment

Recent Cyberattacks Further Highlight Need For Action

Recent high-profile and widespread cyberattacks on federal agencies and national infrastructure have further highlighted the need for the government to address this attack and prevent future ones. However, these threats and the challenges in addressing them are long-standing and have earned cybersecurity a spot on GAO’s High Risk List since the 1990s.

In today’s WatchBlog, we look at why federal agencies and our nation’s critical infrastructure—such as energy, communications, and financial services—are prime targets for cyberattacks, and the challenges in protecting them.

Recent cyberattack

In December, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reported that an advanced, persistent threat had inserted a “backdoor”—a malicious program that can potentially give an intruder remote access to an infected computer—into a genuine version of a network management software product. The malicious actor used this backdoor, among other techniques, to initiate a cyberattack campaign against U.S. government agencies, critical infrastructure entities, and private-sector organizations that use the compromised network management software product. According to CISA, this threat poses a grave risk to the federal agencies and our nation’s critical infrastructure, among others.

We have begun reviewing the federal response to the recent cyberattack. We will be monitoring these efforts and reporting back.

Ensuring the cybersecurity of the nation

This most recent attack further highlights the urgent need to address the long-standing cybersecurity challenges facing the nation. We designated information security as a government-wide high risk area in 1997. More recently, we identified 4 major cybersecurity challenges and 10 critical actions that the federal government and other entities need to take to address those challenges. The figure below outlines these actions.

Figure: 10 Critical Actions Needed to Address 4 Major Cybersecurity Challenges

The complexity and severity of the recent attack means that the federal government needs to implement multiple actions simultaneously. For example:

  • Develop and execute a more comprehensive federal strategy for national cybersecurity and global cyberspace. In September, we highlighted the urgent need to clearly define a central leadership role for coordinating the federal strategy on national cybersecurity. Earlier this month, Congress established the Office of the National Cyber Director within the Executive Office of the President. The National Cyber Director will be responsible for integrating cybersecurity policy and operations across the executive branch. But the position must be filled in order to coordinate implementation of a national cyber strategy, including activities needed to effectively respond to significant cybersecurity incidents.

Listen to our podcast below with GAO’s Nick Marinos about cyber strategy and leadership to learn more.

  • Mitigate global supply chain risks. We also reported in December that none of the 23 agencies in our review had fully implemented the 7 selected practices for managing information and communications technology (ICT) supply chain. For example, only 3 of the agencies had developed organizational procedures to detect counterfeit and compromised ICT products prior to deployment. As a result, we made 145 recommendations, which still need to be implemented to address those weaknesses.

To learn more, listen to our December podcast with GAO’s Carol Harris about supply chain cybersecurity.

  • Enhance the federal response to cyber incidents. In July 2019, we reported that most of 16 selected federal agencies were deficient in at least 1 of the activities associated with incident response processes. For example, 7 of the 16 agencies did not adequately implement capabilities to analyze and respond to security incidents. In addition, 10 agencies did not consistently categorize incidents or ensure timely reporting of incidents. The figure below illustrates these deficiencies. We and the Inspectors General have made thousands of recommendations aimed at improving information security programs and practices—including those relating to incident response processes over the years. However, many of these recommendations remain unimplemented.

Figure: The Number of 16 Selected Agencies with Deficiencies in Incident Response


Posted in About GAO, Collections, High Risk List | Tagged , , , , , , , , , , , | Leave a comment

Protecting Federal Research from Foreign Influence

Federally-funded researchers may face conflicts of interest if they receive funding or other benefits from foreign entities, which may be looking to gain access to that research. One such example was highlighted in May 2020, when a former researcher at a prominent U.S. university pleaded guilty to filing a false tax return that did not include hundreds of thousands of dollars in foreign income from a Chinese-government talent recruitment program. This Chinese program provides U.S. researchers with salaries and other benefits in exchange for sharing their research findings with China.

This case is just 1 example of how foreign influence can be used to divert U.S. research to other countries. And with the U.S. government spending a reported $42 billion on university science and engineering research in fiscal year 2018, safeguarding this work is critical.   

In today’s WatchBlog, we take a closer look at our report on federal conflict of interest policies and how they may help agencies prevent undue foreign influence in federally funded research.

What is a conflict of interest in federally funded research?

Researchers who get federal funding have to watch out for 2 kinds of conflict of interest: financial and non-financial.

In a financial conflict of interest, an individual, or the individual’s spouse or children, has a financial interest or relationship that could directly and significantly affect the design, conduct, reporting, or funding of research. The figure below illustrates how universities manage financial conflicts of interest.

Figure 1: Generalized University Processes for Identifying and Mitigating Potential Financial Conflicts of Interest


In a non-financial conflict of interest, an individual faces conflicting obligations from multiple employers or other entities. For example, an individual may be required to improperly share information with, or withhold information from, an employer or funding agency, which threatens research security and integrity.

What risks does this influence pose?

In addition to the issues discussed above, there is a concern that foreign students working at a U.S. research university may share their findings, or other sensitive knowledge, with their home countries before the study results are officially released, thus weakening the United States’ efforts and enabling other countries to gain benefits.

How are federal agencies responding?

Our latest report reviewed 5 agencies—which together accounted for almost 90% of all federal research and development expenditures at universities in fiscal year 2018. We found that 3 of the 5 have agency-wide conflict of interest policies, while the remaining 2 do not. However, no agency has a policy that specifically addresses or defines non-financial interests.

With more detailed policies, agencies might be better positioned to identify conflicts of interest, which may help them identify cases of undue foreign influence.

When conflicts of interest are discovered, agencies can take a range of administrative or enforcement actions, including asking the researcher’s university to open an investigation, suspending the grant, or referring the case for prosecution.

In our report, we recommended that agencies establish agency-wide policies on conflicts of interest, and that they define non-financial interests, among other recommendations. These steps could help researchers better understand what they need to report, giving agencies more complete information to assess the risk of foreign influence. Foreign cooperation is an important part of U.S. research and can enhance the free exchange of ideas, leading to new discoveries. By implementing the above recommendations, agencies and universities can foster such collaboration, while protecting federal research from undue foreign influence. 

  • Questions on the content of this post? Contact Candice Wright at
  • Comments on GAO’s WatchBlog? Contact


Posted in About GAO | Tagged , , , , , , , , | Leave a comment

Celebrating 100 Years of Making Government Work Better for You

This year marks the 100th anniversary of the founding of the Government Accountability Office. Over the past century, the independent “congressional watchdog” has been presenting the facts on government oversight—pointing out where the federal government is doing well and where it can improve. GAO has made thousands of recommendations to improve services and save taxpayers billions of dollars.

GAO—formerly known as the General Accounting Office—is a trusted, non-partisan advisor to Congress, a proud defender of public interest, and a leading advocate for better government. From cybersecurity to social security, missiles to Medicaid, and foreign policy to public health policy and the global pandemic, GAO works to hold government programs accountable to all Americans.

Today’s WatchBlog post explores our history, accomplishments and future. You can also learn more by watching the below video message from Gene Dodaro, the U.S. Comptroller General and head of GAO.

Continue reading

Posted in About GAO, Video | Tagged , , , , , , , , , , , , , , | Leave a comment

Getting in Fiscal Shape — How Changing Future Spending and Revenue Could Improve Government Finances (interactive graphic)

The COVID-19 pandemic has caused economic turmoil and resulted in unprecedented federal spending to address the public health and economic crisis. However, even before the pandemic, the federal government was on an unsustainable fiscal path caused by an imbalance in revenue and spending.

As a result, debt held by the public is now projected to reach the highest point in U.S. history – 107% of gross domestic product (GDP) – in 2023. GDP is the total value of the goods and services made in the country. Being highly leveraged in debt could impact the federal government’s ability to meet it security and social needs, as well as its flexibility to address unforeseen events.

In today’s WatchBlog, we explore our work on how to tackle the debt after public health and the economy have recovered from the pandemic. Specifically, we look at the potential effect of changes in future spending and revenue and what Congress should consider when designing, implementing, and enforcing new laws to limit spending or increase revenue.

Tough decisions ahead

Policymakers will have tough decisions to make to get the federal government on a sustainable fiscal path. These decisions may include cutting program spending, increasing revenue, or a combination of both.

Setting a target amount for future debt can help frame fiscal decision making. The magnitude of these changes will depend on which debt-to-GDP targets policymakers want to achieve. But other factors—like discretionary spending and GDP—can also affect the federal debt.

To help Congress visualize all the moving pieces, we developed a tool that examines how changes in spending and revenue could help reach some specific debt targets at the end of a 30-year period. This tool also allows policymakers to test out how changes to different factors could affect the spending and revenue changes needed to reach specific debt targets.

The image below is a snapshot of the interactive tool showing the effects of changes in GDP growth rate. Click the image to go to the interactive tool for more.

Snapshot of Tool – GDP Growth Rate

Setting targets for spending and revenue

The information in the tool above can be used to help develop fiscal rules and targets. Other countries use these constraints and benchmarks to promote fiscal responsibility and sustainability, but the federal government has faced challenges doing so here.

We suggested that Congress consider developing a long-term plan that includes fiscal rules and targets, like a debt-to-GDP target, to manage the federal government’s fiscal outlook. We also identified 7 key considerations for establishing new, effective fiscal rules and targets that Congress could consider when doing so. These include steps such as weighing various design features and tradeoffs, and including flexibility for events like national emergencies.

Posted in About GAO, Fiscal Outlook and The Debt | Tagged , , , , , , , , , , | Leave a comment

What is 5G and Why Does It Matter?

Billed as the next generation of wireless technology, 5G has the potential to transform industries and society now and in the years to come. But what is 5G and what does it make possible?

Today’s WatchBlog explores the latest in our series of reports on 5G and the capabilities and challenges this technology presents.

What is 5G?

5G promises to provide significantly greater speeds and accommodate more devices than current 4G networks. 5G networks also aim to be more flexible, reliable, and secure than existing cellular networks. The figure below compares 4G and 5G on these measures.

What will 5G make possible?

Because 5G will allow for faster communication among more devices, it will enable applications such as 3D video, extended reality—an umbrella term that includes virtual, augmented, and mixed reality—and smart cities (meaning cities that are using data to improve energy use, transportation efficiency, and more). Extended reality applications are expected to impact a wide range of industries, including healthcare, education, transportation, and military. For example, researchers are developing extended reality applications to help fighter pilots maneuver better in poor visibility or darkness. The figure below shows some of the technical advances and anticipated applications of 5G networks.

5G will also allow companies to serve a larger number of more diverse customers and applications over the same network. One way it can do so requires more radio spectrum to be available to 5G. Another way is with a technology known as end-to-end network slicing, which divides network infrastructure into “slices,” with each slice tuned to meet the needs of a particular set of users.

For example, network slicing would allow a wireless carrier to efficiently and simultaneously support connected vehicles, extended reality applications, videoconferencing, and automated industrial machines—above and beyond basic voice or internet access—using the same underlying network. 

What challenges do 5G networks present?

Several challenges can arise with the use of 5G, including cybersecurity risks, privacy issues, and concern from members of the public over possible health effects.

For instance, 5G potentially introduces new modes of cyberattack and opens up new points of attack. 5G networks may also exacerbate existing privacy concerns in so far as 5G introduces new kinds of user data to be collected, including more precise location metrics.

Deployment of 5G may also raise new concerns about the effects of radio frequency exposure on public health. Although there is no consistent evidence of the health risks related to radio waves used for 5G, responding to public concerns remains a challenge, in part due to the unknown long-term health effects.

What’s next?

To address these challenges, policymakers could support nationwide, coordinated cybersecurity monitoring of 5G networks, adopt cybersecurity requirements for 5G networks, and put uniform privacy practices in place for user data, among other policy options.

We discuss these options in some of our recent work examining national security considerations surrounding 5G and the challenges to deploying 5G technology.

5G has the potential to connect many more users and devices, but reaching its full potential will require new technologies and cooperation over the next decade.

Posted in About GAO, Information Technology | Tagged , , , , , , , , , , , , | Leave a comment

Why Do Banks Share Your Financial Information and Are They Allowed To?

In a word: yes.

If you’ve ever applied for a loan, you know that banks and credit unions collect a lot of personal financial information from you, such as your income and credit history. And it’s not uncommon for lenders to then share your information with other vendors, such as insurance companies after the loan is finalized. But why do banks and credit unions share your information and what protections are available to consumers to ensure their privacy?

Today’s WatchBlog explores our new report on this issue. You can also tune in to our new podcast with GAO consumer protection and privacy experts Alicia Puente Cackley and Nick Marinos to learn more.

What types of information do banks collect and why?

Banks and credit unions collect and use many types of personal information to conduct everyday business activities and to market products and services. The information banks collect may be used to create bank statements, monitor for fraud, and determine credit eligibility.

Banks and credit unions also gather information about consumers’ online activities. This information may not identify an individual, but can be used for marketing. For example, when consumers access a financial institution’s website and use mobile or online services, banks and credit unions collect information about their social media and browsing activities, type of computer or mobile device, and network address. Banks mainly use this information to ensure their websites function properly, detect and prevent fraud, and per our report, to tailor advertisements.

Why do banks share your information?

The personal information banks collect and share helps them approve customers for services like loans and set up accounts. But it is also helps them and their marketing partners determine whether they should offer other products and services. Banks share information with various types of third-party vendors including:

  • financial companies like mortgage bankers, securities brokers-dealers, and insurance agents;
  • retailers (for example, home improvement stores), magazine publishers, airline companies, and direct marketers;
  • companies that deliver services on behalf of the lender (for example, mortgage servicers), and government agencies and nonprofits.

Are they allowed to share your information?

Again, the answer is yes. But, banks and credit unions are also required to have processes in place to protect the personal information they collect, use, and share with third parties. Also, customers can opt out of having their information shared under certain conditions. The primary law that governs how financial institutions can use or share personal information about consumers is the Gramm-Leach-Bliley Act of 1999. This law prohibits a financial institution from disclosing a consumer’s nonpublic personal information like your Social Security number, income, and outstanding debt to companies that are not related to the financial institution. Consumers have the right to opt out of some, but not all, sharing of their personal information. There are exceptions. For example, banks don’t have to let you opt out when transferring your information to their loan servicer.

To learn more about this topic and consumer protections, check out our report. And to learn more about our portfolio of work on this topic check out our key issues page on Consumer Financial Protections.


Posted in About GAO, Business Regulation and Consumer Protection, Collections | Tagged , , , , , , , | Leave a comment

Why is CDC Screening Fewer People for Breast and Cervical Cancer?

About 265,000 women in the U.S. were diagnosed with breast or cervical cancer in 2017, according to the most recently available data from the Centers for Disease Control and Prevention. Early screening and detection of cancer, followed by prompt treatment, can save lives. But what happens when people can’t afford such medical care?

For many people in need of breast or cervical cancer screening, the answer has been the CDC’s National Breast and Cervical Cancer Early Detection Program. It has provided cancer screening and diagnostic services to millions of low-income people without health insurance for nearly 30 years. However, the number of people receiving screenings through this program has declined dramatically in recent years.

Today’s WatchBlog explores our new report about this decline. Also, tune in to our podcast with GAO’s John Dicken—a health care policy expert and director in our Health Care team— to learn more.

Less uninsured people = less screenings

In recent years, the number of people screened for breast or cervical cancer annually through the CDC’s Early Detection Program decreased by about 46%—from about 550,000 people in 2011 to just under 300,000 people in 2018.

What’s the cause for such a dramatic drop? CDC officials told us that health insurance coverage expansions under the Affordable Care Act, including Medicaid expansion beginning in 2014, were a major factor. Because the Early Detection Program serves people who lack health insurance coverage, a reduced uninsured population means less people are eligible. Sure enough, a CDC-funded study that estimated program eligibility showed decreases by 48% and 49% (for each type of cancer) between 2011 and 2017.

Figure: People Screened by CDC’s National Breast and Cervical Cancer Early Detection Program, 2011-18

Why the Early Detection Program is still needed

While the Early Detection Program has seen a decrease in demand, there are still millions of people eligible for and in need of the services it offers. A recent study estimated that, as of 2017, about 2.8 million people were eligible for breast cancer screening and about 5.3 million were eligible for cervical cancer screening through the program.

Additionally, declines in demand for the program were not equally shared. Hispanic people and non-Medicaid expansion states have more need for the program than other groups. For example, while the number of Hispanic people screened for breast cancer each year decreased by just 3.3%, the number of non-Hispanic people screened decreased by 66.3%. By 2017, the percentage of Hispanic women eligible for the program was estimated to be about 2 times as high as the percentage of non-Hispanic Black women eligible and about 4 times as high as the percentage of non-Hispanic White women eligible.

How is the CDC responding to program changes?

In response to these trends, the CDC began making some changes to its program. In 2017, the program began focusing more on evidence-based strategies to help people overcome barriers that may prevent them from seeking screening in the first place—things like lack of trust in health care providers or language and cultural barriers.

The CDC also started collecting data related to these changes, but it is still too early to know the effects.

Posted in About GAO, Collections, Health Care | Tagged , , , , , , , | Leave a comment

How GAO Can Help in a Congressional and Presidential Transition

The 117th Congress and the incoming Presidential administration will be taking office in a time that presents significant challenges to the government. These include the coronavirus pandemic and its far-reaching public health and economic effects; the evolving issues around race relations; and government readiness to meet these challenges and others on the horizon.

Today’s WatchBlog looks at resources GAO makes available to Congressmembers, the incoming administration, their staffs, the media, and the public—all to help the government prepare for and respond to these pressing concerns.

Transition resources on

GAO provides information on the key challenges facing the nation, as well as our recommendations in these areas to improve government services or save taxpayer dollars. As a trusted source for fact-based, nonpartisan information about government agencies and programs, GAO is well-positioned to help elected and federal officials and their staff prioritize policy matters and develop oversight agendas.

Today, we launched a new webpage with information on major issues facing the nation and the federal government’s ability to meet strategic challenges. There are also links to GAO’s priority recommendations for improving vital government services or achieving significant savings.

U.S. Comptroller General and head of GAO, Gene Dodaro, talks about the resources available on the Transition page in this video:

Continue reading

Posted in About GAO, Collections | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Continued Surge in COVID Cases Highlights Need for Urgent Federal Action

COVID-19 cases have been increasing since mid-September, further highlighting the importance of federal public health and economic response efforts.

Today’s WatchBlog looks at our fourth report on the federal pandemic response, which describes the status of ongoing efforts and outlines ways to improve the response and prepare for future challenges in these areas:

  • medical supply shortages
  • vaccines and therapeutics
  • COVID-19 testing guidance
  • unemployment insurance
  • stimulus payments
  • nursing home care

Read on to learn more about what we recommended. You can also tune in to our latest podcast on this work, which features two of the directors leading our pandemic response review.

Medical Supply Shortages

The Department of Health and Human Services (HHS) and FEMA have made numerous efforts to mitigate supply shortages. But in our national survey, one-third to one-half of states and territories reported ongoing shortages of some testing-related and other medical supplies.

Most states reported certain PPE supplies (e.g., nitrile gloves) remain scarce, and about one-third of respondents were “greatly” or “completely” concerned about having enough supplies to administer vaccines in the future. Given the surge of COVID-19 cases and these reported medical supply shortages, we believe it is critically important that our previous recommendations on better managing the supply chain be implemented.

Safety and Effectiveness of Vaccines and Therapeutics

Through Operation Warp Speed, the federal government has made a concerted effort to speed the development of vaccines and therapeutics, which we detailed in our November 17 report. The FDA’s Emergency Use Authorizations allow for the emergency use of medical products without full FDA approval or licensure. As of November 9, FDA had used that approach to make four COVID-19 treatments available.

But there are concerns about the safety and effectiveness of these treatments and vaccines. We recommended that the FDA find ways to be more transparent about its scientific safety and effectiveness reviews when issuing Emergency Use Authorizations for therapeutics and vaccines.

Changes in CDC Guidance on COVID-19 Testing

Guidance on COVID-19 testing is expected to evolve as new information about the coronavirus emerges—and it has, frequently. For example, in August, the Centers for Disease Control and Prevention (CDC) changed its stance on the testing of asymptomatic people who had close contact with an infected person.

Changes like these, however, haven’t always been communicated with a scientific explanation—which increases the risk of confusion and could affect public trust in government. We recommended that HHS ensure that the CDC clearly discloses the scientific rationale for any change to testing guidelines at the time the change is made.

Unemployment Insurance and the Economy

The Department of Labor’s weekly news releases don’t accurately estimate the number of individuals actually relying on unemployment insurance. To better understand the role unemployment insurance benefits are playing in the economy, reliable data are needed on both the number of new claimants each week and the number of claimants who continue to rely on unemployment insurance benefits. We recommend that DOL consider options to report the actual number of distinct individuals claiming benefits.

Stimulus Payments

As of September 30, the Department of the Treasury and IRS had disbursed $274.7 billion worth of economic impact payments to individuals. However, not everyone received a payment who was supposed to. Starting in September, IRS sent notices to nearly 9 million people who had not yet received a payment. Treasury and IRS did not plan to track and analyze the results of that mailing effort until next year. We recommend that they do so promptly and publicly report that information.

Nursing Home Care

In September, the Coronavirus Commission on Safety and Quality in Nursing Homes made 27 recommendations to the Centers for Medicare & Medicaid Services (CMS) in such areas as testing, PPE, and visitation. We recommend that CMS quickly develop a plan that more completely explains how it intends to respond to and implement the commission’s recommendations.

In March, VA instructed its contractor to stop in-person inspections due to concerns about COVID-19. We recommend the VA develop a plan to resume inspections of state veterans’ homes, which may include using in-person, a mix of virtual and in-person, or fully virtual inspections. 

Posted in About GAO, Collections, Coronavirus | Tagged , , , , , , , , , , , | Leave a comment