Privacy Act of 1974, as Amended; Proposed Amended and New Routine Uses

AGENCY:

Social Security Administration (SSA).

ACTION:

Proposed routine uses.

SUMMARY:

In accordance with the Privacy Act (5 U.S.C. 552a(e)(4) and (e)(11)), we are issuing public notice of our intent to amend one routine use and add a new routine use applicable to our system of records entitled, Master Files of Social Security Number (SSN) Holders and SSN Applications, 60-0058 (the Enumeration System). The two routine uses to the Enumeration System will:

(1) Allow us to verify SSNs and disclose the results to State agencies that issue non-driver's license identification documents to the public; and

(2) Allow us to verify the SSN, disclose the results, and provide citizenship status information in our records to State agencies that administer Medicaid and the State Children's Health Insurance Program (CHIP) to assist them in determining new applicants' entitlement to benefits provided by the CHIP.

We discuss the routine uses in greater detail in the Supplementary Information section below. We invite public comment on this proposal.

DATES:

We filed a report of the routine uses with the Chairman of the Senate Committee on Homeland Security and Governmental Affairs, the Chairman of the House Committee on Oversight and Government Reform, and the Director, Office of Information and Regulatory Affairs, Office of Management and Budget (OMB) on November 20, 2009. The routine uses will become effective on December 29, 2009 unless we receive comments before that date that would result in a contrary determination.

ADDRESSES:

Interested persons may comment on this publication by writing to the Executive Director, Office of Privacy and Disclosure, Office of the General Counsel, Social Security Administration, Room 3-A-6 Operations Building, 6401 Security Boulevard, Baltimore, Maryland 21235-6401. All comments we receive will be available for public inspection at the above address.

FOR FURTHER INFORMATION CONTACT:

Talya Harris, Social Insurance Specialist, Disclosure Policy Development and Services Division 2, Office of Privacy and Disclosure, Office of the General Counsel, Social Security Administration, 3-A-6 Operations Building, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, telephone: (410) 965-6176, e-mail: talya.harris@ssa.gov.

SUPPLEMENTARY INFORMATION:

I. Background and Purpose of the Routine Uses

A. Disclosure of SSN Verifications for State Identification Card Programs

The Social Security Act (Act) authorizes State Motor Vehicle Administration agencies (MVAs) to use the SSN to administer laws relating to issuing driver's licenses and non-driver identity cards. Sections 205(c)(2)(C)(i) and 205(r)(8) of the Act, 42 U.S.C. 405(c)(2)(C)(i) and 405(r)(8). The Act permits the use of the SSN as a means for verifying personal information of the applicants. State MVA agencies may also require any person to furnish his or her SSN to the State MVA agency or to any agency having administrative responsibility for the driver's license or identity card programs. To support this requirement, we currently have a routine use that allows us to verify the SSN and disclose the results to State MVA agencies so that States can verify the information that they collect as part of their driver's license programs. Under the existing routine use, State MVA agencies may also use this information to issue identification cards for applicants who do not apply for driver's licenses. However, some States have identification card programs (ICP) for the public administered by agencies other than their MVAs. These agencies need to receive the same information to verify the information on people who apply for identification cards. To support this need, we are amending the existing routine use to allow us to disclose the results of the SSN verification to State agencies that administer ICPs for the public.

B. Disclosure of Citizenship Data for the State Children's Health Insurance Program

On February 4, 2009, President Obama signed the Children's Health Insurance Program (CHIP) Reauthorization Act of 2009 (Pub. L. 111-3). This legislation allows States to subsidize premiums for employer-provided group health coverage for eligible children and families. Section 211 gives States the option to verify citizenship information with us for purposes of establishing CHIP eligibility. State agencies that administer the CHIP may submit the applicant's name, SSN, and date of birth (DOB) to us to verify. We will confirm whether new CHIP applicants' declarations of citizenship are consistent with the information in our records by verifying the submitted names, SSNs, and DOBs against our Enumeration System records and provide those verification results, including indicator codes of citizenship data that may be part of the record. State agencies administering the CHIP are responsible for resolving any discrepancies with the applicant. If the investigation indicates there is a discrepant SSN in our records, State agencies will direct those applicants to one of our local offices for assistance.

II. Proposed Amended and New Routine Uses

A. State Identification Card Programs

As described above, we already verify SSNs for State MVAs under an existing routine use in the Enumeration System. To comply with the Privacy Act, we will amend routine use number 33 to allow us to disclose SSN verification information to State agencies that also administer ICPs for the public. The amended routine use reads:

To State motor vehicle administration agencies (MVA) and to State agencies charged with administering State identification card programs (ICP) for the public to verify names, dates of birth, and Social Security numbers on those persons who apply for, or for whom the State issues, driver's licenses or State identification cards. When we verify this information, we will indicate whether the information the State MVA or ICP provides matches or does not match the records covered by this system of records. We will also indicate which information the State submits does not match our records. If the information does not match our records, we will not disclose the actual information in our records.

B. State Children's Health Insurance Program

The Privacy Act requires that agencies publish a notice in the Federal Register of “each routine use of the records contained in the system, including the categories of users and the purpose of such use.” 5 U.S.C. 552a(e)(4)(D). We developed the following routine use, number 43, for the Enumeration System that will allow us to disclose information to the appropriate State agencies charged with administering CHIP. The routine use reads:

To State agencies charged with administering Medicaid and the Children's Health Insurance Program (CHIP) to verify personal identification data (i.e., name, SSN, and date of birth) and to disclose citizenship status information in our records to assist these agencies with determining new applicants' entitlement to benefits provided by the CHIP.

III. Compatibility of Routine Uses

We can disclose information when the disclosure is required by law (20 CFR 401.120). Section 205(c)(2)(C)(i) of the Social Security Act permits States to collect the SSN to administer their driver's license and ICP programs and section 205(r)(8) allows us to verify information for State MVAs. In addition, section 211 of the CHIP Reauthorization Act of 2009 specifically allows States to verify assertions of citizenship with us.

We can also disclose information when the purpose is compatible with the purpose for which we collected the information and is supported by published routine uses (20 CFR 401.150). Individuals can use driver's licenses and identification cards the MVAs and other State agencies administering ICPs issue to establish their identity for Federal, State, and local benefit program purposes. Disclosures for the CHIP are also compatible because the State agencies will use the information to assist in determining new applicants' entitlement to the benefits the program provides. For these reasons, we find that verifying the SSN for State MVAs and other State agencies that administer ICPs for the public and verifying the citizenship status information in our records to State agencies charged with administering the CHIP serve both the statutory and compatibility requirements to permit these routine use disclosures.

IV. Effect of the Routine Uses on the Rights of Individuals

The routine uses will permit us to verify the identification data used by State MVAs, other State agencies charged with administering ICPs for the public, and State agencies administering the CHIP. We will adhere to all applicable statutory requirements for disclosure, including those under the Social Security Act and the Privacy Act. We will disclose SSN verification information, including disclosure of citizenship status information in our records to the CHIP agencies, only under written agreements that stipulate that the States will collect, verify, and redisclose information we disclose only as provided for by Federal law. We will also safeguard from unauthorized access the data we receive from these entities to verify. Thus, we do not anticipate that the routine uses will have any unwarranted adverse effect on the rights of persons about whom we will disclose information.

Social Security Administration

Notice of Proposed Amended and New Routine Uses Required by the Privacy Act of 1974, as Amended

System Number:

60-0058.

System name:

Master Files of Social Security Number (SSN) Holders and SSN Applications, Social Security Administration (SSA).

Security Classification:

None.

System Location:

SSA, Office of Telecommunications and Systems Operations, 6401 Security Boulevard Baltimore, Maryland 21235.

Categories of individuals covered by the system:

This system contains a record of each person who has applied for and to whom we have assigned a Social Security Number (SSN). This system also contains records of each person who applied for an SSN, but to whom we did not assign one because: (1) his or her application was supported by documents that we suspect may be fraudulent and we are verifying the documents with the issuing agency; (2) we have determined the person submitted fraudulent documents; (3) we do not suspect fraud but we need to further verify information the person submitted or we need additional supporting documents; or (4) we have not yet completed processing the application.

Categories of records in the system:

This system contains all of the information received on applications for SSNs (e.g., name, date and place of birth, sex, both parents' names, and race/ethnic data). In the case of an application for an SSN for an individual who has not yet attained the age of 18, we also maintain the SSNs of the parents. We also collect:

• Changes in the information on the applications the SSN holders submit;
• Information from applications supported by evidence we suspect or determine to be fraudulent, along with the mailing addresses of the persons who filed such applications and descriptions of the documentation they submitted;
• Cross-references when multiple numbers have been issued to the same individual;
• A form code that identifies the Form SS-5 (Application for a Social Security Number) as the application the person used for the initial issuance of an SSN, or for changing the identifying information (e.g., a code indicating original issuance of the SSN, or that we assigned the person's SSN through our enumeration at birth program);
• A citizenship code that identifies the number holder status as a U.S. citizen or the work authorization of a non-citizen;
• A special indicator code that identifies type or questionable data or special circumstance concerning an application for an SSN (e.g., false identity; illegal alien; scrambled earnings;
• An SSN assigned based on harassment, abuse, or life endangerment); and
• An indication that a person has filed a benefit claim under a particular SSN.

Authority for maintenance of the system:

Sections 205(a) and 205(c)(2) of the Social Security Act (42 U.S.C. §§ 405(a) and 405(c)(2)).

Purpose:

We use information in this system to assign SSNs. We also use the information for a number of administrative purposes:

• For various Old Age, Survivors, and Disability Insurance, Supplemental Security Income, and Medicare/Medicaid claims purposes including using the SSN itself as a case control number, as a secondary beneficiary cross-reference control number for enforcement purposes, for verification of claimant identity factors, and for other claims purposes related to establishing benefit entitlement;
• As a basic control for retained earnings information;
• As a basic control and data source to prevent us from issuing multiple SSNs;
• As the means to identify reported names or SSNs on earnings reports;
• For resolution of earnings discrepancy cases;
• For statistical studies;

The information is also used:

• By our Office of the Inspector General, Office of Audit, for auditing benefit payments under Social Security programs;
• By the Department of Health and Human Services (DHHS), Office of Child Support Enforcement for locating parents who owe child support;
• By the National Institute of Occupational Safety and Health for epidemiological research studies required by the Occupational Safety and Health Act of 1974;
• By the DHHS Office of Refugee Resettlement for administering Cuban refugee assistance payments;
• By the DHHS Centers for Medicare and Medicaid Services (CMS) for administering Titles XVIII and XIX claims;
• By the Secretary of the Treasury for use in administering those sections of the Internal Revenue Code of 1986 that grant tax benefits based on support or residence of children. These provisions apply specifically to SSNs parents provide on applications for persons who are not yet age 18; and
• To prevent the processing of an SSN card application for a person whose application we identified was supported by evidence that either:

○ We suspect may be fraudulent and we are verifying it, or,

○ We determined the person submitted fraudulent information.

We alert our offices when an applicant who attempts to obtain an SSN card visits other offices to find one that might unwittingly accept fraudulent documentation.

Routine uses of records covered by the system, including categories of users and the purposes of such uses:

Routine use disclosures are as indicated below; however, we will not disclose any information defined as “return or return information” under 26 U.S.C. 6103 of the Internal Revenue Code (IRC) unless authorized by statute, the Internal Revenue Service (IRS), or IRS regulations.

1. To employers in order to complete their records for reporting wages to us pursuant to the Federal Insurance Contributions Act and section 218 of the Social Security Act.

2. To Federal, State, and local entities to assist them with administering income maintenance and health-maintenance programs, when a Federal statute authorizes them to use the SSN.

3. To the Department of Justice, Federal Bureau of Investigation and United States Attorneys Offices, and to the Department of Homeland Security, United States Secret Service, for investigating and prosecuting violations of the Social Security Act.

4. To the Department of Homeland Security, United States Citizenship and Immigration Services, for identifying and locating aliens in the United States pursuant to requests received under section 290(b) of the Immigration and Nationality Act (8 U.S.C. 1360(b)).

5. To a contractor for the purpose of collating, evaluating, analyzing, aggregating, or otherwise refining records when we contract with a private firm. We will require the contractor to maintain Privacy Act safeguards with respect to such records.

6. To the Railroad Retirement Board to:

(a) Administer provisions of the Railroad Retirement and Social Security Act relating to railroad employment; and

(b) Administer the Railroad Unemployment Insurance Act.

7. To the Department of Energy for its epidemiological research study of the long-term effects of low-level radiation exposure, as permitted by our regulations at 20 CFR 401.150(c).

8. To the Department of the Treasury for:

(a) Tax administration as defined in section 6103 of the IRC (26 U.S.C. 6103);

(b) Investigating the alleged theft, forgery, or unlawful negotiation of Social Security checks; and

(c) Administering those sections of the IRC that grant tax benefits based on support or residence of children. As required by section 1090(b) of the Taxpayer Relief Act of 1997, Pub. L. 105-34, this routine use applies specifically to the SSNs of parents shown on an application for an SSN for a person who has not yet attained age 18.

9. To a congressional office in response to an inquiry from that office made at the request of the subject of a record or a third party on that person's behalf.

10. To the Department of State for administering the Social Security Act in foreign countries through facilities and services of that agency.

11. To the American Institute, a private corporation under contract to the Department of State, for administering the Social Security Act on Taiwan through facilities and services of that agency.

12. To the Department of Veterans Affairs (DVA), Regional Office, Manila, Philippines, for administering the Social Security Act in the Philippines and other parts of the Asia-Pacific region through facilities and services of that agency.

13. To the Department of Labor for:

(a) Administering provisions of the Black Lung Benefits Act; and

(b) Conducting studies of the effectiveness of training programs to combat poverty.

14. To DVA:

(a) To validate SSNs of compensation recipients/pensioners in order to provide the release of accurate pension/compensation data by DVA to us for Social Security program purposes; and

(b) Upon request, for purposes of determining eligibility for, or amount of DVA benefits, or verifying other information with respect thereto.

15. To Federal agencies that use the SSN as a numerical identifier in their record-keeping systems, for the purpose of validating SSNs.

16. To the Department of Justice (DOJ), a court, other tribunal, or another party before such court or tribunal when:

(a) SSA or any of our components; or

(b) Any SSA employee in his or her official capacity; or

(c) Any SSA employee in his or her individual capacity when DOJ (or SSA when we are authorized to do so) has agreed to represent the employee; or

(d) The United States or any agency thereof when we determine that the litigation is likely to affect the operations of SSA or any of our components, is party to litigation or has an interest in such litigation, and we determine that the use of such records by DOJ, a court, other tribunal, or another party before such court or tribunal is relevant and necessary to the litigation. In each case, however, we must determine that such disclosure is compatible with the purpose for which we collected the records.

17. To State audit agencies for auditing State supplementation payments and Medicaid eligibility considerations.

18. To the social security agency of a foreign country to carry out the purpose of an international social security agreement entered into between the United States and the other country, pursuant to section 233 of the Social Security Act.

19. To Federal, State, or local agencies (or agents on their behalf) for the purpose of validating SSNs those agencies use to administer cash or non-cash income maintenance programs or health maintenance programs, including programs under the Social Security Act.

20. To third party contacts (e.g., State bureaus of vital statistics and the Department of Homeland Security) that issue documents to individuals when the party to be contacted has, or is expected to have, information that will verify documents when we are unable to determine if such documents are authentic.

21. To DOJ, Criminal Division, Office of Special Investigations, upon receipt of a request for information pertaining to the identity and location of aliens for the purpose of detecting, investigating, and, when appropriate, taking legal action against suspected Nazi war criminals in the United States.

22. To the Selective Service System for the purpose of enforcing draft registration pursuant to the provisions of the Military Selective Service Act (50 U.S.C. App. § 462, as amended by section 916 of Pub. L. 97-86).

23. To contractors and other Federal agencies, as necessary, to assist us in efficiently administering our programs. We will disclose information under this routine use only in situations in which we may enter a contractual or similar agreement with a third party to assist in accomplishing an agency function relating to this system of records.

24. To organizations or agencies such as prison systems required by Federal law to furnish us with validated SSN information.

25. To the General Services Administration and the National Archives and Records Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by the NARA Act of 1984, information that is not restricted from disclosure by Federal law for the their use in conducting records management studies.

26. To DVA or third parties under contract to DVA to disclose SSNs and dates of birth for the purpose of conducting DVA medical research and epidemiological studies.

27. To the Office of Personnel Management (OPM) upon receipt of a request from that agency in accordance with 5 U.S.C. 8347(m)(3), to disclose SSN information when OPM needs the information to administer its pension program for retired Federal Civil Service employees.

28. To the Department of Education, upon request, to verify SSNs that students provide to postsecondary educational institutions, as required by Title IV of the Higher Education Act of 1965 (20 U.S.C. 1091).

29. To student volunteers, persons working under a personal services contract, and others who are not technically Federal employees, when they need access to information in our records in order to perform their assigned agency duties.

30. To Federal, State, and local law enforcement agencies and private security contractors, as appropriate, information necessary:

(a) To enable them to ensure the safety of our employees and customers, the security of our workplace, and the operation of our facilities; or

(b) To assist investigations or prosecutions with respect to activities that affect such safety and security or activities that disrupt the operation of our facilities.

31. To recipients of erroneous Death Master File (DMF) information, to disclose corrections to information that resulted in erroneous inclusion of persons in the DMF.

32. To State vital records and statistics agencies, the SSNs of newborn children for administering public health and income maintenance programs, including conducting statistical studies and evaluation projects.

33. To State motor vehicle administration agencies (MVA) and to State agencies charged with administering State identification card programs (ICP) for the public to verify names, dates of birth, and Social Security numbers on those persons who apply for, or for whom the State issues, driver's licenses or State identification cards. When we verify this information, we will indicate whether the information the State MVA or ICP provides matches or does not match the records covered by this system of records. We will also indicate which information the State submits does not match our records. If the information does not match our records, we will not disclose the actual information in our records.

34. To entities conducting epidemiological or similar research projects, upon request, to disclose information as to whether a person is alive or deceased pursuant to section 1106(d) of the Social Security Act (42 U.S.C. 1306(d)), provided that:

(a) We determine, in consultation with the Department of Health and Human Services, that the research may reasonably be expected to contribute to a national health interest;

(b) The requester agrees to reimburse us for the costs of providing the information; and

(c) The requester agrees to comply with any safeguards and limitations we specify regarding re-release or re-disclosure of the information.

35. To employers in connection with a pilot program, conducted with the Department of Homeland Security under 8 U.S.C. 1324a(d)(4), to test methods of verifying that persons are authorized to work in the United States. We will inform an employer participating in such pilot program that the identifying data (SSN, name, and date of birth) furnished by an employer concerning a particular employee match, or do not match, the data maintained in this system of records, and when there is such a match, that information in this system of records indicates that the employee is, or is not, a citizen of the United States.

36. To a State bureau of vital statistics (BVS) that is authorized by States to issue electronic death reports when the State BVS requests that we verify the SSN of a person on whom the State will file an electronic death report after we verify the SSN.

37. To the Department of Defense (DOD) to disclose validated SSN information and citizenship status information for the purpose of assisting DOD in identifying those members of the Armed Forces and military enrollees who are aliens or non-citizen nationals that may qualify for expedited naturalization or citizenship processing. These disclosures will be made pursuant to requests made under section 329 of the Immigration and Nationality Act, 8 U.S.C. 1440, as executed by Executive Order 13269.

38. To a Federal, State, or congressional support agency (e.g., Congressional Budget Office and the Congressional Research Staff in the Library of Congress) for research, evaluation, or statistical studies. Such disclosures include, but are not limited to, release of information in assessing the extent to which one can predict eligibility for Supplemental Security Income (SSI) payments or Social Security disability insurance benefits; examining the distribution of Social Security benefits by economic and demographic groups and how these differences might be affected by possible changes in policy; analyzing the interaction of economic and non-economic variables affecting entry and exit events and duration in the Title II Old Age, Survivors, and Disability Insurance and the Title XVI SSI disability programs; and, analyzing retirement decisions focusing on the role of Social Security benefit amounts, automatic benefit recomputation, the delayed retirement credit, and the retirement test, if we:

(a) Determine that the routine use does not violate legal limitations under which the record was provided, collected, or obtained;

(b) Determines that the purpose for which the proposed use is to be made:

i. Cannot reasonably be accomplished unless the record is provided in a form that identifies persons;

ii. Is of sufficient importance to warrant the effect on, or risk to, the privacy of the person which such limited additional exposure of the record might bring;

iii. Has reasonable probability that the objective of the use would be accomplished;

iv. Is of importance to the Social Security program or the Social Security beneficiaries; or

v. Is of importance to the Social Security program or the Social Security beneficiaries or is for an epidemiological research project that relates to the Social Security program or beneficiaries;

(c) Requires the recipient of information to:

i. Establish appropriate administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record and agree to on-site inspection by SSA's personnel, its agents, or by independent agents of the recipient agency of those safeguards;

ii. Remove or destroy the information that enables the person to be identified at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the project, unless the recipient receives written authorization from SSA that it is justified, based on research objectives, for retaining such information;

iii. Make no further use of the records except:

(1) Under emergency circumstances affecting the health and safety of any person, following written authorization from us; or

(2) For disclosure to an identified person approved by us for the purpose of auditing the research project;

iv. Keep the data as a system of statistical records. A statistical record is one which is maintained only for statistical and research purposes and which is not used to make any determination about a person;

(d) Secures a written statement by the recipient of the information attesting to the recipient's understanding of, and willingness to abide by, these provisions.

39. To State and Territory MVA officials (or agents or contractors on their behalf) and State and Territory chief election officials to verify the accuracy of information the State agency provides with respect to applications for voter registration, when the applicant provides the last four digits of the SSN instead of a driver's license number.

40. To State and Territory MVA officials (or agents or contractors on their behalf) and State and Territory chief election officials, under the provisions of section 205(r)(8) of the Social Security Act (42 U.S.C. 405(r)(8)), to verify the accuracy of information the State agency provides with respect to applications for voter registration for those persons who do not have a driver's license number:

(a) When the applicant provides the last four digits of the SSN, or

(b) When the applicant provides the full SSN, in accordance with section 7 of the Privacy Act (5 U.S.C. 552a note), as described in section 303(a)(5)(D) of the Help America Vote Act of 2002. (42 U.S.C. 15483(a)(5)(D).

41. To the Secretary of Health and Human Services or to any State, we will disclose any record or information requested in writing by the Secretary for the purpose of administering any program administered by the Secretary, if we disclosed records or information of such type under applicable rules, regulations, and procedures in effect before the date of enactment of the Social Security Independence and Program Improvements Act of 1994.

42. To the appropriate Federal, State, and local agencies, entities, and persons when: (1) We suspect or confirm that the security or confidentiality of information in this system of records has been compromised; (2) we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, risk of identity theft or fraud, or harm to the security or integrity of this system or our other systems or programs that rely upon the compromised information; and (3) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. We will use this routine use to respond only to those incidents involving an unintentional release of its records.

43. To State agencies charged with administering Medicaid and the Children's Health Insurance Program (CHIP) to verify personal identification data (i.e., name, SSN, and date of birth) and to disclose citizenship status information to assist them in determining new applicants' entitlement to benefits provided by the CHIP.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

We maintain records in this system in paper form (Forms SS-5 (Application for a Social Security Card), and system generated forms); magnetic media (magnetic tape and disc with on-line access); in microfilm and microfiche form, and on electronic files (NUMIDENT and Alpha-Index).

Retrievability:

We will retrieve records by both SSN and name. If we deny an application because the applicant submitted fraudulent evidence, or if we are verifying evidence we suspect to be fraudulent, we will retrieve records either by the applicant's name plus month and year of birth, or by the applicant's name plus the eleven-digit reference number of the disallowed application.

Safeguards:

We have established safeguards for automated records in accordance with our Systems Security Handbook. These safeguards include maintaining the magnetic tapes and discs within a secured enclosure attended by security guards. Anyone entering or leaving this enclosure must have a special badge we issue only to authorized personnel.

For computerized records we transmit electronically between Central Office and Field Office locations, including organizations administering our programs under contractual agreements, safeguards include a lock/unlock password system, exclusive use of leased telephone lines, a terminal-oriented transaction matrix, and an audit trail. Only authorized personnel who have a need for the records in the performance of their official duties may access microfilm, microfiche, and paper files.

We annually provide appropriate security guidance and training to all our employees and contractors that include reminders about the need to protect personally identifiable information and the criminal penalties that apply to unauthorized access to, or disclosure of, personally identifiable information. See 5 U.S.C. 552a(i)(1). Furthermore, employees and contractors with access to databases maintaining personally identifiable information must annually sign a sanction document, acknowledging their accountability for inappropriately accessing or disclosing such information.

Retention and disposal:

We retain most paper forms only until we film and verify them for accuracy. We then shred the paper records. We retain electronic, as well as updated microfilm and microfiche records indefinitely. We update all tape, discs, microfilm, and microfiche files periodically. We erase out-of-date magnetic tapes and discs and we shred out-of-date microfiches.

System manager and address:

Director, Division of Enumeration Verification and Death Alerts, Office of Earnings, Enumeration, and Administrative Systems, Social Security Administration, 6401 Security Boulevard, Baltimore, MD 21235.

Notification procedures:

Persons can determine if this system contains a record about them by writing to the system manager at the above address and providing their name, SSN, or other information that may be in this system of records that will identify them. Persons requesting notification by mail must include a notarized statement to us to verify their identity or must certify in the request that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense.

Persons requesting notification of records in person must provide their name, SSN, or other information that may be in this system of records that will identify them, as well as provide an identity document, preferably with a photograph, such as a driver's license. Persons lacking identification documents sufficient to establish their identity must certify in writing that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense.

Persons requesting notification by telephone must verify their identity by providing identifying information that parallels the information in the record about which notification is sought. If we determine that the identifying information the person provides by telephone is insufficient, we will require the person to submit a request in writing or in person. If a person requests information by telephone on behalf of another person, the subject person must be on the telephone with the requesting person and with us in the same phone call. We will establish the subject person's identity (his or her name, SSN, address, date of birth, and place of birth, along with one other piece of information such as mother's maiden name), and ask for his or her consent to provide information to the requesting person. These procedures are in accordance with our regulations at 20 CFR 401.40 and 401.45.

Record access procedures:

Same as notification procedures. Persons must also reasonably specify the record contents they are seeking. These procedures are in accordance with our regulations at 20 CFR 401.40(c).

Contesting record procedures:

Same as notification procedures. Persons must also reasonably identify the record, specify the information they are contesting, and state the corrective action sought, and the reasons for the correction with supporting justification showing how the record is incomplete, untimely, inaccurate, or irrelevant. These procedures are in accordance with our regulations at 20 CFR 401.65(a).

Record source categories:

We obtain information in this system from SSN applicants (or persons acting on their behalf) and generate it internally. We assign the SSN to persons as a result of the system's internal process.

Exemptions claimed for the system:

None.