Extramural Surveys (Statistics), Social Security Administration, Deputy Commissioner for Disability and Income Security Programs
Effective Date: January 11, 2006
(71 F.R. 1835)
SOCIAL SECURITY ADMINISTRATION NOTICE OF SYSTEM OF RECORDS REQUIRED BY THE PRIVACY ACT OF 1974
SYSTEM NUMBER: 60-0199
Extramural Surveys (Statistics), Social Security Administration, Deputy Commissioner for Disability and Income Security Programs.
Social Security Administration
Office of Research, Evaluation and Statistics
Addresses may be obtained by writing to the system manager.
Categories of individuals covered by the system:
Samples of individuals who are current or potential recipients of benefits from Social Security and related programs; personnel administering Social Security and related programs.
Categories of records in the system:
Socioeconomic, demographic, medical and disability characteristics; attitudes concerning subjects such as health, work experience, and family relationships; earnings and employment history, benefits, use of medical and rehabilitative services.
Authority for maintenance of the system:
Sections 1110 and 1115 of the Social Security Act (42 U.S.C. 1310 and 1315).
The purpose of this system is to obtain information for research and statistical studies of individuals who are current or potential recipients of benefits from Social Security and related programs. When the product is in the form of micro data it is available without personal identifiers to other Social Security Administration (SSA) components for data processing and data manipulation, with appropriate safeguards.
Routine uses of records maintained in the system, including categories of users and the purposes of such uses:
Disclosure may be made for routine uses as indicated below. However, disclosure of any information defined as ``return or return information'' under 26 U.S.C. 6103 of the Internal Revenue Code will not be disclosed unless authorized by a statute, the Internal Revenue
Service (IRS), or IRS regulations.
1. To a congressional office in response to an inquiry from that office made at the request of the subject of the record.
2. To a contractor under contract to the Social Security Administration (SSA), or under contract to another agency with funds provided by SSA, for the performance of research and statistical activities directly related to this system of records.
3. To the General Services Administration and the National Archives Records Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by the NARA Act of 1984, information which is not restricted from disclosure by Federal law for the use of those agencies in conducting records management studies.
4. We may disclose information to appropriate Federal, State, and local agencies, entities, and persons when (1) we suspect or confirm that the security or confidentiality of information in this system of records has been compromised; (2) we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs of SSA that rely upon the compromised information; and (3) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. SSA will use this routine use to respond only to those incidents involving an unintentional release of its records.
Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:
Data may be stored in paper form (e.g., computer printouts) and in magnetic media (e.g., magnetic tape and disc).
Files based on SSA sample populations are indexed by SSA-assigned case numbers or Social Security numbers (SSN). Files based on contractor sample populations are indexed by contractor-assigned case numbers which may be cross-referred to SSNs. These files are retrieved by SSN or assigned case numbers.
Safeguards are established in accordance with the Systems Security Handbook. Employees having access to records have been notified of criminal sanctions for unauthorized disclosure of information about individuals.
Magnetic tapes or other files with personal identifiers are retained in secured storage areas accessible only to authorized personnel.
Microdata files prepared for purposes of research and analysis are purged of personal identifiers and are subject to procedural safeguards to assure anonymity. Access for additional information relating to SSA data security measures.
Retention and disposal:
Hard copy questionnaires will be destroyed when survey reports are completed. Records with identifiers will be held in secure storage areas and will be retained only as long as needed for analysis. Identifiers will be removed at the earliest possible time after data collection is completed. The need to retain identifiers will be evaluated at the time each survey is completed. Records with identifiers will be disposed of as soon as they are determined to be no longer needed. Means of disposal will be appropriate to the record storage medium; e.g., erasure of tapes, shredding of printouts, etc.
In longitudinal studies, working files are stripped of identifiers and given randomly assigned case numbers. A separate link file will be maintained in secure storage for updating with individual identifiers. As long as identifiable records exist, a periodic review will be made at least every 2 years to determine the need for their retention.
System manager(s) and address:
Social Security Administration
Office of Program Development and Research
This system contains limited data selected for statistical analysis. Individuals inquiring about their records in SSA programs may wish to consult other SSA systems of records which contain more detailed information.
An individual can determine if this system contains a record about him/her by writing to the system manager(s) at the above address and providing his/her name, SSN or other information that may be in the system of records that will identify him/her. An individual requesting notification of records in person should provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver's license or some other means of identification. If an individual does not have any identification documents sufficient to establish his/her identity, the individual must certify in writing that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.
If notification is requested by telephone, an individual must verify his/her identity by providing identifying information that parallels information in the record to which notification is being requested. If it is determined that the identifying information provided by telephone is insufficient, the individual will be required to submit a request in writing or in person. If an individual is requesting information by telephone on behalf of another individual, the subject individual must be connected with SSA and the requesting individual in the same phone call. SSA will establish the subject individual's identity (his/her name, SSN, address, date of birth and place of birth, along with one other piece of information, such as mother's maiden name) and ask for his/her consent in providing information to the requesting individual.
If a request for notification is submitted by mail, an individual must include a notarized statement to SSA to verify his/her identity or must certify in the request that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense. These procedures are in accordance with SSA Regulations (20 CFR 401.40(c)).
Record access procedures:
Same as Notification procedures. Requesters should also reasonably specify the record contents being sought. These procedures are in accordance with SSA Regulations (20 CFR 401.40(c)).
Contesting record procedures:
Same as Notification procedures. Requesters should also reasonably identify the record, specify the information they are contesting and the corrective action sought, and the reasons for the correction, with supporting justification showing how the record is incomplete, untimely, inaccurate or irrelevant. These procedures are in accordance with SSA Regulations (20 CFR 401.65(a)).
Record source categories:
Survey data obtained by the contractor; SSA administrative records; medical data compiled by extramural research under contracts or grants.
Systems exempted from certain provisions of the Privacy Act: