Privacy Act of 1974; Computer Matching Program

AGENCY:

Office of Personnel Management.

ACTION:

Notice—computer matching between the Office of Personnel Management and the Social Security Administration #1045.

SUMMARY:

In accordance with the Privacy Act of 1974 (5 U.S.C. 552a), as amended by the Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503), Office of Management and Budget (OMB) Guidelines on the Conduct of Matching Programs (54 FR 25818 published June 19, 1989), and OMB Circular No. A-130, revised November 28, 2000, “Management of Federal Information Resources,” the Office of Personnel Management (OPM) is publishing notice of its new computer matching program with the Social Security Administration (SSA).

DATES:

OPM will file a report of the subject matching program with the Committee on Homeland Security and Governmental Affairs of the Senate, the Committee on Oversight and Government Reform of the House of Representatives and the Office of Information and Regulatory Affairs, Office of Management and Budget (OMB). The matching program will begin 30 days after the Federal Register notice has been published or 40 days after the date of OPM's submissions of the letters to Congress and OMB, whichever is later. The matching program will continue for 18 months from the beginning date and may be extended an additional 12 months thereafter. Subsequent matches will run until one of the parties advises the other in writing of its intention to reevaluate, modify and/or terminate the agreement.

ADDRESSES:

Send comments to Deon Mason, Chief, Business Services, Office of Personnel Management, Room 4316, 1900 E. Street NW., Washington, DC 20415.

FOR FURTHER INFORMATION CONTACT:

Teresa R. Williams on (202) 606-2187.

SUPPLEMENTARY INFORMATION:

A. General

The Privacy Act (5 U.S.C. 552a), as amended, establishes the conditions under which computer matching involving the Federal government could be performed and adding certain protections for individuals applying for and receiving Federal benefits. Section 7201 of the Omnibus Budget Reconciliation Act of 1990 (Pub. L. 101-508) further amended the Privacy Act regarding protections for such individuals.

The Privacy Act, as amended, regulates the use of computer matching by Federal agencies when records in a system of records are matched with other Federal, State, or local government records. Among other things, it requires Federal agencies involved in computer matching programs to:

(1) Negotiate written agreements with the other agency for agencies participating in the matching programs;

(2) Obtain the approval of the match agreement by the Data Integrity Boards (DIB) of the participating Federal agencies;

(3) Furnish detailed reports about matching programs to Congress and OMB;

(4) Notify applicants and beneficiaries that their records are subject to matching;

(5) Verify match findings before reducing, suspending, termination or denying an individual's benefits or payments.

B. OPM Computer Matches Subject to the Privacy Act

We have taken action to ensure that all of OPM's computer matching programs comply with the requirements of the Privacy Act, as amended.

Notice of Computer Matching Program, Office of Personnel Management (OPM) With the Social Security Administration (SSA)

A. Participating Agencies

OPM and SSA.

B. Purpose of the Matching Program

The purpose of this agreement is to establish the conditions under which the Social Security Administration (SSA) will disclose tax return information to the Office of Personnel Management (OPM). OPM will match SSA's data with OPM's records on disability retirees under age 60, disabled adult child survivors, certain retirees in receipt of a supplemental benefit under the Federal Employees Retirement System (FERS), and certain annuitants receiving a discontinued service retirement benefit under the Civil Service Retirement System (CSRS). Law limits the amount these retirees, survivors, and annuitants can earn while retaining benefits paid to them. Retirement benefits cease upon re-employment in Federal service for discontinued service annuitants. OPM will use SSA data to determine continued eligibility for benefits.

C. Authority for Conducting the Matching Program

Chapters 83 and 84 of title 5 of the United States Code provide the basis for computing annuities under CSRS and FERS, respectively, and require release of information by SSA to OPM in order to administer data exchanges involving military service performed by an individual after December 31, 1956. The CSRS requirement is codified at section 8332(j) of title 5 of the United States Code; the FERS requirement is codified at section 8422(e)(4) of title 5 of the United States Code. The responsibilities of SSA and OPM with respect to information obtained pursuant to this agreement are also in accordance with the following: the Privacy Act (5 U.S.C. 552a), as amended; section 307 of the Omnibus Budget Reconciliation Act of 1982 (Pub. L. 97-253), codified at section 8332 Note of title 5 of the United States Code; section 1306(a) of title 42 of the United States Code; and section 6103(1)(11) of title 26 of the United States Code.

D. Categories of Records and Individuals Covered by the Match

SSA will disclose data from its MBR file (60-0090, Master Beneficiary Record, SSA/OEEAS) and MEF file (60-0059, Earnings Recording and Self-Employment Income System, SSA/OEEAS) and manually-extracted military wage information from SSA's “1086” microfilm file when required (71 FR 1796, January 11, 2006). OPM will provide SSA with an electronic finder file from the OPM system of records published as OPM/Central-1 (Civil Service Retirement and Insurance Records) last published on March 20, 2008 (73 FR 15014). The system of records involved have routine uses permitting the disclosures needed to conduct this match.

E. Privacy Safeguards and Security

The Privacy Act (5 U.S.C. 552a(o)(1)(G)) requires that each matching agreement specify procedures for ensuring the administrative, technical and physical security of the records matched and the results of such programs.

All Federal agencies are subject to: The Federal Information Security Management Act of 2002 (FISMA) (44 U.S.C. 3541 et seq.) ; related OMB circulars and memorandum (e.g., OMB Circular A-130 and OMB M-06-16); National Institute of Science and Technology (NIST) directives; and the Federal Acquisition Regulations (FAR). These laws, circulars, memoranda directives and regulations include requirements for safeguarding Federal information systems and personally identifiable information used in Federal agency business processes, as well as related reporting requirements. OPM and SSA recognize that all laws, circulars, memoranda, directives and regulations relating to the subject of this agreement and published subsequent to the effective date of this agreement must also be implemented if mandated.

FISMA requirements apply to all Federal contractors and organizations or sources that possess or use Federal information, or that operate, use, or have access to Federal information systems on behalf of an agency. OPM will be responsible for oversight and compliance of their contractors and agents. Both OPM and SSA reserve the right to conduct onsite inspection to monitor compliance with FISMA regulations.

F. Inclusive Dates of the Match

The matching program shall become effective upon the signing of the agreement by both parties to the agreement and approval of the agreement by the Data Integrity Boards of the respective agencies, but no sooner than 40 days after notice of this matching program is sent to Congress and the Office of Management and Budget or 30 days after publication of this notice in the Federal Register, whichever is later. The matching program will continue for 18 months from the effective date and may be extended for an additional 12 months thereafter, if certain conditions are met.