The overview indicates that Project SAFE has taken steps toward ensuring an individual's right to privacy in information systems by (1) demonstrating an acceptable degree of protection for the pilot agency data base, (2) analyzing and documenting security measures and their attendant costs in a complex data center, and (3) assessing the general applicability of this new body of knowledge for government and industry at large. The overview also considers the interdisciplinary approach used, the operating environment, the organizational setting, the information system's environment, project constraints, and project exclusions. Action steps taken to develop better security measures for privacy are also outlined. Elements of security identified and developed included security administration, information privacy and security education, technology requirements and considerations, and legislative considerations. In considering the economics of security, it is advised that to determine the most cost-effective mix of safeguards, the following information must be obtained: the probability of information exposure, the value of the information in the systems, and the types and costs of safeguards available to protect the information. Following a description of a method for determining the best security system, a summary of general conclusions and recommendations is provided. Recommended security practices cover administration, change control, software security measures, terminal access security measures, systems design security measures, physical plant security measures, and contingency planning and backup plans. For related volumes, see NCJ 89626-28, 89630-32, and 89655-60.