WASHINGTON—The State Department identified 91 security violations by 38 individuals in its review of classified information on former Secretary of State Hillary Clinton’s personal email server.

The report, the culmination of several years of work by the department, found there was “no persuasive evidence of systemic, deliberate mishandling of classified information” by anyone in government, according to a copy of the report provided to the office of Sen. Chuck Grassley (R., Iowa), which shared it with The Wall Street Journal.

The review concluded that Mrs. Clinton’s use of a personal email server for government business put State Department information at a greater risk of compromise because a private server “lacks the network monitoring and intrusion detection capabilities of State Department networks.”

The report also found: “While there were some instances of classified information being inappropriately introduced into an unclassified system in furtherance of expedience, by and large, the individuals interviewed were aware of security policies and did their best to implement them in their operations.”

None of the 38 individuals were named in the report. If any remain in government, the State Department could take internal disciplinary action against them over the security lapses. They are unlikely to face any other penalties.