What did the State Department Inspector General conclude about Clinton’s email practices?

1. The core finding: private server was the wrong tool for public records

The IG’s 83‑page review judged Clinton’s use of a personal email account on a private server to conduct official State Department business as “not an appropriate method” for preserving records and explicitly concluded she “did not comply with the Department’s policies,” undermining her public claims that the arrangement had been permitted by the department ^{[1] [5] [6]}.

2. No documented approval and would have been denied

Inspectors reported they “found no evidence” Clinton requested or received guidance or approval from State Department legal or information security officials for using a private server, and they said that if such a request had been made it would have been denied by bureaus like Diplomatic Security and Information Resource Management because of the security risks ^{[3] [2] [7]}.

3. Security risks, warnings, and incomplete demonstrations of protections

The IG cataloged warnings within State about the cybersecurity risks of personal email and cited examples — including a 2011 memo and staff concerns — noting Clinton had been briefed about such risks and that technical staff said she never demonstrated her private system met minimum security requirements; the office also documented attempts to breach the server though it noted the FBI later found no direct evidence the system had been successfully hacked ^{[4] [7] [8]}.

4. Record preservation: incomplete and inconsistent with rules

The report concluded Clinton’s 2014 production of work‑related emails to the State Department was “incomplete” in places and that using a private server skirted the department’s record‑keeping rules; the IG emphasized that by Clinton’s tenure the department’s guidance on electronic records had become “considerably more detailed and more sophisticated,” making her practices easier to evaluate against clear standards ^{[9] [10] [6]}.

5. Context: other secretaries, systemic weaknesses, and contested interpretations

While the IG criticized Clinton, it also reviewed prior secretaries and found “longstanding systemic weaknesses” in the department’s handling of electronic records and faulted others (notably Colin Powell) for similar preservation failures, a point Clinton’s campaign used to argue her practices were consistent with some predecessors even as critics highlighted the distinct security and preservation problems of using a private server ^{[10] [11] [12]}.

6. How the finding fit with parallel investigations and political reactions

The IG’s administrative conclusions complemented but did not substitute for the FBI and DOJ criminal inquiry outcomes; subsequent DOJ/OIG and FBI reviews looked at law enforcement handling and at whether classified information had been mishandled, with the FBI later saying it found no direct evidence the server was successfully hacked and DOJ reviews declining prosecution while noting carelessness in handling classified emails ^{[1] [8] [13]}. Politically, the IG report became fuel for opponents and a focus of Clinton allies’ counterarguments that the department itself had been slow to modernize recordkeeping ^{[2] [11]}.

7. Bottom line and evidentiary limits

The State Department inspector general’s authoritative administrative judgment was that Clinton’s private email/server arrangement violated department recordkeeping policy, lacked documented approval, posed security risks, and resulted in incomplete preservation of records; the IG also situated those findings within widespread, long‑term State Department shortcomings, while noting the report did not itself determine criminal liability — separate criminal investigatory conclusions were reached by other agencies ^{[1] [3] [4] [8]}.