What GAO Found Manufacturers are developing fully electric and hybrid-electric aircraft, mostly for short-range and medium-range flying. These aircraft vary widely in design. Some require a runway for takeoff, while others take off vertically, for example, from the top of a building. They also have a wide variety of potential uses, including air taxi service and cargo transport. The Federal Aviation Administration (FAA) and other entities have also researched technologies that could potentially enable longer-range uses and broader deployment of electric aircraft in the future. Examples of Potential Uses for Electric Aircraft The infrastructure to support electric aircraft at U.S. airports is currently limited. According to FAA, as of December 2025, 47 airports have identified charging stations for electric aircraft in airport plans. The majority of these airports are part of the manufacturer BETA Technologies’ network of charging stations. According to FAA officials and selected stakeholders, airports face a variety of challenges related to installing infrastructure for electric aircraft, including cost, uncertainty about demand, and availability of reliable electricity. As of March 2026, FAA is evaluating electric aircraft and engine designs for certification on a case-by-case basis, but is considering regulatory changes, such as developing dedicated airworthiness standards for electric vertical takeoff and landing aircraft, that could standardize its approach to evaluating these products in the long term. Stakeholders described challenges with FAA’s approach, including insufficient FAA staff with expertise in electric propulsion and limited standardization in the certification process. According to FAA officials, they have hired engineers in disciplines such as propulsion, and deployed experienced personnel as needed to emerging technology areas. However, ensuring that planned skill gap assessments are quantitative and include all mission-critical occupations, as GAO recommended in 2021, would help FAA better understand the skills its workforce needs to respond to technological changes. Why GAO Did This Study Electric propulsion aircraft have the potential to lower operating costs, increase access to air service for regional airports, and reduce environmental impacts and noise from aviation. However, FAA has not yet issued a type certification for a manned electric aircraft as of March 2026, and when such aircraft will be able to commercially operate is not clear. Section 1012 of the FAA Reauthorization Act of 2024 includes a provision for GAO to assess the safe and scalable operation and integration of electric aircraft into the National Airspace System. This report describes (1) the types and uses of electric aircraft in development; (2) the extent of infrastructure deployed at U.S. airports to support electric aircraft, and any challenges airports face in deploying infrastructure; and (3) FAA’s approach to certificating the airworthiness of electric aircraft designs, and related challenges identified by aviation industry stakeholders. GAO analyzed literature on electric aircraft published between 2019 and 2024 and used information from these studies to supplement testimonial evidence from interviews with aviation industry stakeholders and federal officials. GAO also analyzed public information on government and industry efforts to develop electric aircraft. GAO interviewed officials from FAA, the National Aeronautics and Space Administration, the National Laboratory of the Rockies, and a nongeneralizable selection of 30 aviation industry stakeholders, including aircraft and engine manufacturers, airports, fixed-base operators, state departments of transportation, and a flight training school. Eight interviews were conducted as part of site visits to Washington State and Ohio. For more information, contact Derrick Collins at CollinsD@gao.gov.

What GAO Found In May 2025, GAO identified 29 priority recommendations for the Department of Veterans Affairs (VA). Since then, VA has implemented two of those recommendations. In May 2026, GAO identified an additional 3 priority recommendations, bringing the total to 30. GAO is highlighting the following three areas that warrant timely and focused attention: Improving quality and timely access to health care, Modernizing information technology, and Enhancing acquisition management. Addressing GAO's recommendations in these areas would help VA respond to risks that could interfere with the quality and timeliness of veterans' health care; achieve cost savings and better oversee information technology efforts; and address challenges with its high-risk acquisition management. Taking action to implement all of GAO's open priority recommendations would help enhance the efficiency and effectiveness of operations across VA. Why GAO Did This Study Priority open recommendations are the GAO recommendations that warrant priority attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional and/or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or make progress toward addressing a high risk or duplication issue, among other benefits. Since 2015, GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Jess Farb at farbj@gao.gov.

What GAO Found Threat actors, such as state-sponsored hackers or criminal groups, are increasingly capable of carrying out cyberattacks on water and wastewater systems. This capability comes from the increasing connections between operational technologies—which control valves, pumps, and other physical devices—and internet-enabled devices. Internet-enabled devices can provide remote access to control pumps and other infrastructure. Remote access can be helpful over large and widely distributed water and sewer systems. However, the convergence of operational technologies and internet-enabled devices has also increased the ability of online attackers to reach critical operational systems. Water and wastewater systems have faced challenges reducing their vulnerability to cyberattacks. For example, systems have varying levels of cybersecurity capabilities. Systems are also managing workforce shortages and older technologies that are difficult to update with modern cybersecurity protections. Systems must also prioritize limited financial resources, so meeting regulatory requirements for clean and safe water may out-compete cybersecurity investments. Water and Wastewater Systems are Vulnerable to Cyberattack In 2024, GAO found that the Environmental Protection Agency (EPA) had not performed key cybersecurity risk management steps for the sector and made recommendations to address these shortfalls. In response, EPA conducted a water sector risk assessment and developed a risk management plan to guide its efforts to mitigate priority risks. GAO also reported that EPA had faced legal challenges in its efforts to ensure water and wastewater entities took action to improve their cybersecurity. In response to GAO’s recommendation to evaluate the sufficiency of its legal authorities, EPA identified several critical gaps. Specifically, EPA identified a lack of cybersecurity risk assessment requirements for wastewater systems and certain drinking water systems. EPA also identified significant limitations in its authority under federal drinking water and clean water laws to address those gaps. GAO will continue to monitor how EPA addresses these limitations. Why GAO Did This Study Recent cyber incidents and security alerts highlight the vulnerability of the close to 170,000 water and wastewater systems that make up the U.S. water and wastewater systems sector (water sector). The water sector is one of 16 critical infrastructure sectors. GAO has identified the cybersecurity of critical infrastructure as a component of the cybersecurity high-risk area, which is one of nine high-risk areas needing focused executive and congressional attention. A successful cyberattack on a water or wastewater system could lead to service disruptions that harm public health or the environment. These systems have already experienced ransomware attacks, which use malicious software to deny access to IT systems or data. EPA is responsible for leading, coordinating, and supporting activities to reduce cybersecurity risk to the water sector. EPA works in partnership with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and other federal, state, and local entities. This statement addresses the cybersecurity challenges facing the water sector and EPA’s actions to address the sector’s cybersecurity risks. This statement is based on GAO’s August 2024 report on cybersecurity risks to U.S. water and wastewater systems (GAO-24-106744); documents provided by EPA in response to GAO’s recommendations; and publicly available information, as of May 2026, regarding challenges and EPA’s water sector cybersecurity efforts. For more information, contact David B. Hinchman at hinchmand@gao.gov or J. Alfredo Gómez at gomezj@gao.gov.

What GAO Found There are 18 intelligence community (IC) elements in the federal government. These elements have implemented a range of guidance through various sources to provide protections to service members under the Uniformed Services Employment and Reemployment Rights Act of 1994, as amended (USERRA). Of these 18 IC elements, seven have statutory requirements under USERRA that are distinct from those of other federal agencies. These statutory requirements are delineated in USERRA under sections 4315 and 4325 of title 38, U.S. Code and include statutory provisions that apply to the seven IC elements listed in the figure below.   These seven IC elements have statutory requirements to provide reemployment protections under USERRA and include five provisions that are statutorily required to be in their guidance. However, GAO found that four of these IC elements—DIA, NRO, NSA, and FBI—have not included all five of these provisions in their guidance. Better meeting the intent of sections 4315 and 4325 of title 38, U.S. Code, could help these four elements stave off potential issues. For example, it could help ensure that service members are not being discriminated against because of their military service. By including in their guidance all five of the IC reemployment provisions that are statutorily required, DIA, NRO, NSA, and FBI can better ensure service members are informed of their rights under USERRA. GAO also found that the seven IC elements have reemployed all service members that went on military duty for 30 days or more from fiscal years 2019 through 2025, according to data reported by officials from these elements. Why GAO Did This Study USERRA prohibits employers from discriminating and retaliating against veterans and service members because of their military status or service. Specifically, USERRA protects the employment and reemployment rights of service members who temporarily leave government or private sector civilian jobs to perform military or other uniformed service. The Senator Elizabeth Dole 21st Century Veterans Healthcare and Benefits Improvement Act includes a provision for GAO to examine how the IC protects rights afforded to service members under USERRA. This report describes the guidance that IC elements have implemented to provide protections to service members under USERRA, and examines the extent to which the seven IC elements include the five provisions that are statutorily required to be in their guidance. GAO assessed guidance against statutory requirements under USERRA, analyzed reemployment and claims data, and interviewed relevant officials about their efforts to provide reemployment protections to service members.

What GAO Found The Veterans Health Administration (VHA) uses the services of external entities, known as business associates, to act on behalf of health care providers or other business associates to create, receive, maintain, or transmit protected health information (PHI). Veterans Affairs (VA) has implemented PHI sharing agreements with these entities to ensure they address requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. GAO reviewed 73 randomly selected sharing agreements and found that 100 percent of them included all 12 HIPAA Privacy Rule requirements for use and disclosure of PHI. Further, VHA documented responsibilities for conducting performance audits to confirm that external entities are protecting veterans’ PHI. VA took steps to secure the health information in a key system used by its Million Veteran Program (MVP), which is focused on examining how genetics, lifestyle, military experiences, and exposures affect health and wellness in veterans. However, deficiencies existed in certain cybersecurity controls related to asset and risk management; configuration management; identity and access management; and continuous monitoring and logging. As a result of these deficiencies, VA had reduced assurance of the confidentiality and integrity of sensitive health information in the MVP. In September 2025, GAO made 13 recommendations to VA to address these deficiencies. Since September 2025, VA implemented nine of the 13 recommendations and partially implemented three others (see figure). GAO will continue to monitor VA’s progress in implementing the remaining recommendations. Figure: VA Progress, as of March 2026, in Addressing 13 GAO Recommendations Made in September 2025 Why GAO Did This Study Within VA, VHA oversees the delivery of health care services to millions of veterans. The amount of PHI used by VHA and shared with external entities highlights the importance of protecting the privacy of PHI. Further, VA is responsible for the cybersecurity of veterans’ sensitive health data, such as information in systems used to support its MVP. Since launching in 2011, about 1 million veterans have joined MVP, making it the nation’s largest biorepository of veteran data. GAO was asked to review VA’s privacy and cybersecurity efforts. In September 2025, GAO issued a sensitive report with limited distribution on the extent to which VHA oversaw the privacy of veterans’ health information shared with external entities, and the extent to which VA protected the confidentiality and integrity of veterans’ health information in its MVP, among other things. In that report, GAO identified security control deficiencies in a system supporting MVP and made 13 recommendations to address them. This report is a public version of the September 2025 report, with sensitive information removed. For this public report, GAO also determined the extent to which VA had taken corrective actions to address the previously identified security control deficiencies and the 13 related recommendations for improvement. GAO reviewed supporting documents and interviewed agency officials regarding VA’s actions to address these recommendations. For more information, contact Jennifer R. Franks at FranksJ@gao.gov.

What GAO Found In 2022 The Office of Science and Technology Policy (OSTP) directed federal agencies to make research results freely accessible to the public immediately when published. In response, seven of the nine agencies GAO reviewed issued updated plans or policies. The Department of Transportation and the Nuclear Regulatory Commission were still drafting updated plans and policies at the time of our review. Five agencies’ plans or policies fully met OSTP’s guidance. The National Science Foundation’s and U.S. Department of Agriculture’s plans did not fully address OSTP’s guidance for reuse rights. These rights describe how others can share, modify, or use the research. Better alignment with OSTP’s guidance could help ensure this research can be built upon by others. Amid the federal shift to public access, publishers are changing their business models to remain viable without subscription revenue and will require authors to pay to have their publications made open access. Agencies allow grant funds to cover these charges. Assuming historical patterns continue, the new policies and publishers' responses may result in significant agency cost growth. This would mean less money for research (see figure). However, only the National Institutes of Health has planned to manage these potential costs. Additional analysis could help other agencies better manage costs, which may triple annually. Estimated Spending on Publishing Charges for Selected Agencies Increased public access can improve the visibility of research and enable readers to identify problems with specific publications more quickly. However, according to stakeholders GAO spoke with, pay-to-publish models may encourage publishers to lower publication standards to publish more articles. In 2024, OSTP published an economic analysis on expanding public access, but it did not fully reflect all five of GAO’s key elements of an economic analysis. Notably, the scope did not address the goal of estimating the potential costs and other effects. Ensuring that future analyses are consistent with the key elements can help agencies better understand the cost implications of their new policies. Why GAO Did This Study The U.S. government is one of the largest funders of scientific research globally. The results of federally funded research are ordinarily shared through scholarly publications. But many of these publications were restricted to paid subscribers. GAO was asked to examine agencies’ efforts to implement OSTP’s 2022 guidance. This report examines: (1) the extent to which selected agencies' public access plans and policies are consistent with federal guidance, (2) how the scholarly publishing industry is responding to the federal shift to public access and how this affects selected agencies and journal market dynamics, (3) the potential effects of expanding public access to federally funded research, and (4) the extent to which OSTP’s 2024 economic analysis of public access followed GAO’s key elements for an economic analysis. GAO selected nine agencies with a mix of research funding levels and assessed their public access plans and policies against OSTP guidelines. GAO reviewed available literature and data and interviewed nongovernmental stakeholders, such as publishers and universities. Further, GAO assessed OSTP’s economic analysis against GAO’s key elements that serve as a framework for assessing an economic analysis.

How to Use the Framework GAO’s framework is a method for assessing AI capabilities and capacity in the U.S. and its competitiveness. A nation’s competitiveness in AI is how well it develops or deploys AI technologies compared to other nations. Policymakers may be interested in knowing how the U.S. compares to other nations in the AI race. GAO developed this framework to help analysts from government, industry, academia, and elsewhere obtain and provide structured information to policymakers about AI competitiveness. The complexity of factors affecting AI competitiveness makes it difficult to decide which factors are more important than others. The framework organizes relevant factors into four pillars: Science & Technology, Human Capital, Governance, and Economy. Each pillar is further divided into subpillars, such as R&D; laws, regulations and policies; workforce; and investment and financing. Analysts can use these pillars and subpillars to systematically consider the breadth of factors relevant to the needs of policymakers seeking information on our nation’s AI capabilities and capacity versus those of other nations. Factors Affecting AI Competitiveness Analysts can use the framework for different purposes and policymaker needs. For example, if U.S. policymakers express interest in helping U.S. companies export AI technologies, analysts can use the framework to rank the U.S. and its peers in their progress toward outcomes of AI competitiveness, such as the ability to influence global technology standards. These rankings can in turn inform policies to help the U.S. improve its AI capabilities, capacity, and competitiveness. The framework involves four steps that allow analysts to tailor their assessment: Focus the assessment by selecting targeted outcomes of AI competitiveness. Identify indicators for measurement or evaluation. Conduct data analysis. Develop policy options and final product. Framework for Assessing AI Competitiveness   Why GAO Developed This Framework Artificial intelligence (AI) could spur economic growth, enhance societal well-being, and improve national security. These possibilities have led to a global AI competition, in which nations that fall behind risk losing economic advantages and global influence. To be competitive, the U.S. needs to consider risks of AI deployment, such as job dislocation and increased energy consumption. Assessing U.S. competitiveness in AI presents challenges. The ability of the U.S. to successfully develop and deploy AI technologies depends on a broad mix of factors, including private and public investment, talent attraction, regulatory environments, and computing infrastructure. GAO was asked to develop a framework to assess U.S. AI capabilities, capacity, and competitiveness compared to other nations. GAO developed this framework to help analysts prioritize among the many factors that affect AI competitiveness. The framework is also designed to help analysts develop policy options to improve U.S. competitiveness. To develop this framework, GAO conducted a literature search to find articles on frameworks and measurements to evaluate AI capabilities and capacity and reviewed key reports on AI competitiveness and assessment methods. GAO also interviewed, surveyed, and met with experts from government agencies, academia, industry, nonprofit organizations, and more. For more information, contact Candice Wright at WrightC@gao.gov. or Sterling Thomas at ThomasS2@gao.gov.