Privacy Act of 1974; System of Records
| Published date | 21 December 2018 |
| Record Number | 2018-27665 |
| Court | Social Security Administration |
Federal Register, Volume 83 Issue 245 (Friday, December 21, 2018)
[Federal Register Volume 83, Number 245 (Friday, December 21, 2018)]
[Notices]
[Pages 65779-65782]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-27665]
=======================================================================
-----------------------------------------------------------------------
SOCIAL SECURITY ADMINISTRATION
[Docket No. SSA-2018-0042]
Privacy Act of 1974; System of Records
AGENCY: Office of Retirement and Disability Policy, Office of Research,
Demonstration, and Employment Support, Social Security Administration
(SSA).
ACTION: Notice of a New System of Records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, we are issuing
public notice of our intent to establish a new system of records
entitled the Disability Analysis File (DAF) and the National
Beneficiary Survey (NBS) Data System, (60-0382). This notice publishes
details of the system as set forth under the caption SUPPLEMENTARY
INFORMATION.
DATES: This system of records is effective upon its publication in
today's Federal Register, with the exception of the routine uses, which
are effective January 22, 2019. We invite public comment on the routine
uses or other aspects of this system of records. In accordance with 5
U.S.C. 552a(e)(4) and (e)(11), the public is given a 30-day period in
which to submit comments. Please submit any comments by January 22,
2019.
ADDRESSES: The public, Office of Management and Budget (OMB), and
Congress may comment on this publication by writing to the Executive
Director, Office of Privacy and Disclosure, Office of the General
Counsel, Social Security Administration, Room G-401 West High Rise,
6401 Security Boulevard, Baltimore, Maryland 21235-6401, or through the
Federal e-Rulemaking Portal at http://www.regulations.gov, please
reference docket number SSA-2018-0042. All comments we receive will be
available for public inspection at the above address and we will post
them to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: Andrea Huseth, Government Information
Specialist, Privacy Implementation Division, Office of Privacy and
Disclosure, Office of the General Counsel, SSA, Room G-401 West High
Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401,
telephone: (410) 965-6868, email: andrea.huseth@ssa.gov and Tristin
Dorsey, Government Information Specialist, Privacy Implementation
Division, Office of Privacy and Disclosure, Office of the General
Counsel, SSA, Room G-401 West High Rise, 6401 Security Boulevard,
Baltimore, Maryland 21235-6401, telephone: (410) 965-2950, email:
tristin.dorsey@ssa.gov.
SUPPLEMENTARY INFORMATION: The DAF is an analytical file consisting of
agency program data in an easy-to-use format. Each year, we create a
new version of the file. The DAF contains historical, longitudinal, and
one-time data \1\ on all beneficiaries with disabilities who were
between age 18 and retirement age and who participated in the Social
Security Disability Insurance (SSDI) or Supplemental Security Income
(SSI) programs at any time between 1996 and the year of the file. The
file also includes data on SSI child beneficiaries who participated in
the SSI program.
---------------------------------------------------------------------------
\1\ Historical data provides characteristics about specific
incidents that occurred in the past. Longitudinal data is
information provided at intervals over time to indicate change over
time, e.g., benefit amounts in each months from 1994 through the end
of the file. One-time data provides information about a beneficiary
that does not change over time, e.g., sex or date of birth.
---------------------------------------------------------------------------
The NBS collects data from a national sample of SSDI and SSI
beneficiaries, covering a wide range of topics including socio-
demographic information, limiting conditions, health
[[Page 65780]]
and functional status, health insurance, interest in work, barriers to
work, use of services, employment, income, and experience with Social
Security programs including Ticket to Work.
In accordance with 5 U.S.C. 552a(r), we have provided a report to
OMB and Congress on this new system of records.
Dated: October 1, 2018.
Mary Zimmerman,
Acting Executive Director, Office of Privacy and Disclosure, Office of
the General Counsel.
SYSTEM NAME AND NUMBER
Disability Analysis File (DAF) and the National Beneficiary Survey
(NBS) Data System, 60-0382.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Social Security Administration, Office of Retirement and Disability
Policy, Office of Research, Demonstration, and Employment Support, 6401
Security Boulevard, Baltimore, Maryland 21235.
SYSTEM MANAGER(S):
Social Security Administration, Deputy Commissioner for Retirement
and Disability Policy, Office of Research, Demonstration, and
Employment Support, 6401 Security Boulevard, Baltimore, Maryland 21235,
[supcaret]ORDES_Controls@ssa.gov.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Sections 234, 1106, and 1110 of the Social Security Act (42 U.S.C.
434, 1306, and 1310) and SSA Regulations (20 CFR part 401.165).
PURPOSE(S) OF THE SYSTEM:
We use this system to perform research about SSDI and/or SSI
beneficiaries. We may also grant outside researchers access to
information in this system when conducting SSA-approved research.
Internal and external researchers and statisticians use the data to
perform in-depth research including, but not limited to, examining the
medical, economic, and social consequences of limitations in work
activity for individuals with disabilities and their families; program
planning and evaluation; evaluation of proposals for policy and
legislative changes; and, to determine the characteristics of program
applicants and benefit recipients.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
We maintain information about past, present, and potential
beneficiaries (e.g., denied applicants) of SSDI and SSI, as well as
State Vocational Rehabilitation programs.
CATEGORIES OF RECORDS IN THE SYSTEM:
The categories of records in this system include name; Social
Security number (SSN); socioeconomic data (e.g., education, work, and
earnings); demographics, (e.g., date of birth, date of death, sex, and
state of residence); medical characteristics, (e.g., number of
limitations, self-reported health, mental health score); disability
characteristics, (e.g. primary diagnosis code and dual eligibility);
information concerning subjects, (e.g., health, self-reported health
status, work experience, and family relationships); benefits, (e.g.,
combined SSI and SSDI); and use of medical and rehabilitative services,
(e.g., agency closure type and service use).
RECORD SOURCE CATEGORIES:
We obtain information in this system from other SSA systems of
records, including but not limited to 60-0050, Completed Determination
Record--Continuing Disability Determinations; 60-0058, Master File of
Social Security Number (SSN) Holders and SSN Applications; 60-0090,
Master Beneficiary Record; 60-0103, Supplemental Security Income Record
and Special Veterans Benefits; 60-0221, Vocational Rehabilitation
Reimbursement Case Processing System; 60-0295, Ticket-to-Work and Self-
Sufficiency Program Payment Database; and 60-0320, Electronic
Disability (eDIB) Claim File.
The system also contains data from system of records 60-0059,
Earnings Recording and Self-Employment Income System. Only SSA staff
have access to data from the Earnings Recording and Self-Employment
Income System.
We also obtain information in this system from other Federal
agencies (e.g., the U.S. Census Bureau and U.S. Department of Education
(e.g., the Rehabilitation Services Administration, for vocational
rehabilitation program applicant or participant data)); surveys (e.g.,
the National Beneficiary Survey); and other extramural research
conducted under agreements, contracts, and grants between SSA and other
agencies or entities.
ROUTINE USES OF RECORDS COVERED IN THE SYSTEM, INCLUDING CATEGORIES OF
USERS AND THE PURPOSES OF SUCH USES:
We will disclose records pursuant to the following routine uses;
however, we will not disclose any information defined as ``return or
return information'' under 26 U.S.C. 6103 of the Internal Revenue Code,
unless authorized by statute, the Internal Revenue Service (IRS), or
IRS regulations.
1. To contractors and Federal agencies, as necessary, for the
purpose of assisting SSA in the efficient administration of its
programs. We will disclose information under this routine use only in
situations in which SSA may enter into a contractual or similar
agreement with a third party to assist in accomplishing an agency
function relating to this system of records.
2. To contractors, cooperative agreement awardees, State agencies,
Federal agencies, and Federal congressional support agencies for
research and statistical activities that are designed to increase
knowledge about present or alternative Social Security programs; are of
importance to the Social Security program or the Social Security
beneficiaries; or are for an epidemiological project that relates to
the Social Security program or beneficiaries. We will disclose
information under this routine use pursuant only to a written agreement
with SSA.
3. To organizations and agencies that have been granted on-site
access only to the DAF-NBS system for research and statistics
activities that are designed to increase knowledge about present or
alternative Social Security programs; are of importance to the Social
Security program or the Social Security beneficiaries; or are for an
epidemiological project that relates to the Social Security program or
beneficiaries. We will disclose information under this routine use
pursuant only to a written agreement between the organization or agency
and SSA.
4. To student volunteers, individuals working under a personal
services contract, and other workers who technically do not have the
status of Federal employees, when they are performing work for SSA, as
authorized by law, and they need access to personally identifiable
information (PII) in SSA records in order to perform their assigned
agency functions.
5. To a congressional office in response to an inquiry from that
office made on behalf of, and at the request of, the subject of the
record or third party acting on the subject's behalf.
6. To the Office of the President, in response to an inquiry from
that office made on behalf of, and at the request of, the subject of
record or a third party acting on the subject's behalf.
7. To the Department of Justice (DOJ), a court or other tribunal,
or another party before such court or tribunal, when:
(a) SSA, or any component thereof; or
(b) any SSA employee in his/her official capacity; or
[[Page 65781]]
(c) any SSA employee in his/her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
(d) the United States or any agency thereof where SSA determines
the litigation is likely to affect SSA or any of its components,is a
party to the litigation or has an interest in such litigation, and SSA
determines that the use of such records by DOJ, a court or other
tribunal, or another party before the tribunal is relevant and
necessary to the litigation, provided, however, that in each case, the
agency determines that disclosure of the records to DOJ, court or other
tribunal, or another party is a use of the information contained in the
records that is compatible with the purpose for which the records were
collected.
8. To Federal, State and local law enforcement agencies and private
security contractors as appropriate, information necessary:
(a) To enable them to protect the safety of SSA employees and
customers, the security of the SSA workplace, and the operation of SSA
facilities; or
(b) to assist in investigations or prosecutions with respect to
activities that affect such safety and security or activities that
disrupt the operation of SSA facilities.
9. To the National Archives and Records Administration (NARA) under
44 U.S.C. 2904 and 2906.
10. To appropriate agencies, entities, and persons when:
(a) SSA suspects or has confirmed that there has been a breach of
the system of records;
(b) SSA has determined that, as a result of the suspected or
confirmed breach, there is a risk of harm to individuals, SSA
(including its information systems, programs, and operations), the
Federal Government, or national security; and
(c) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connections with SSA's efforts to
respond to the suspected or confirmed breach or to prevent, minimize,
or remedy such harm.
11. To another Federal agency or Federal entity, when the SSA
determines that information from this system of records is reasonably
necessary to assist the recipient agency or entity in:
(a) Responding to a suspected or confirmed breach; or
(b) preventing, minimizing, or remedying the risk of harm to
individuals, the recipient agency or entity (including its information
systems, programs, and operations), the Federal Government, or national
security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
We store data in paper form (e.g., questionnaire forms, computer
printouts) and in electronic form (e.g., magnetic tape and disc).
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
We retrieve files by case number or SSN. We also retrieve files by
socioeconomic, demographic, medical, and disability characteristics.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
We retain records until 90 days old or no longer needed pursuant to
supervisory authorization, whichever is appropriate, in accordance with
the approved NARA General Records Schedule 4.2: Information Access and
Protection Records (DAA-GRS-2013-0007-0012).
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
We retain electronic and paper files with personal identifiers in
secure storage areas accessible only by our authorized employees and
contractors who have a need for the information when performing their
official duties. Security measures include the use of codes and
profiles, personal identification number and password, and personal
identification verification cards. We keep paper records in locked
cabinets within secure areas, with access limited to only those
employees who have an official need for access in order to perform
their duties. To the maximum extent consistent with the approved
research needs, we purge personal identifiers from micro-data files
prepared for purposes of research and subject these files to procedural
safeguards to assure anonymity.
We annually provide our employees and contractors with appropriate
security awareness training that includes reminders about the need to
protect PII and the criminal penalties that apply to unauthorized
access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore,
employees and contractors with access to databases maintaining PII must
sign a sanctions document annually, acknowledging their accountability
for inappropriately accessing or disclosing such information.
In addition, all external researchers accessing information from
the DAF-NBS system of records will be required to complete the
appropriate security awareness training, which includes reminders about
the need to protect PII and the criminal penalties that apply to
unauthorized access to, or disclosure of, PII.
RECORD ACCESS PROCEDURES:
Individuals may submit requests for notification of, or access to,
information about them contained in this system by submitting a written
request to the system manager at the above address, which includes
their name, SSN, or other information that may be in this system of
records that will identify them. Individuals requesting notification
of, or access to, a record by mail must include (1) a notarized
statement to verify their identity or (2) must certify in the request
that they are the individual they claim to be and that they understand
that the knowing and willful request for, or acquisition of, a record
pertaining to another individual under false pretenses is a criminal
offense.
Individuals requesting notification of, or access to, records may
also make an in-person request by providing their name, SSN, or other
information that may be in this system of records that will identify
them, as well as provide an identifying document, preferably with a
photograph, such as a driver's license. Individuals lacking
identification documents sufficient to establish their identity must
certify in writing that they are the individual they claim to be and
that they understand that the knowing and willful request for,
acquisition of, a record pertaining to another individual under false
pretenses is a criminal offense. These procedures are in accordance
with our regulations at 20 CFR 401.40 and 401.45.
CONTESTING RECORD PROCEDURES:
Same as record access procedures. Individuals should also
reasonably identify the record, specify the information they are
contesting, and state the corrective action sought and the reasons for
the correction with supporting justification showing how the record is
incomplete, untimely, inaccurate, or irrelevant. These procedures are
in accordance with our regulations at 20 CFR 401.65(a).
NOTIFICATION PROCEDURES:
Same as record access procedures. These procedures are in
accordance with our regulations at 20 CFR 401.40 and 401.45.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
[[Page 65782]]
HISTORY:
None.
[FR Doc. 2018-27665 Filed 12-20-18; 8:45 am]
BILLING CODE 4191-02-P
