Central Repository of Electronic Authentication Data Master File

Social Security Administration

Notice of System of Records

Required by the Privacy Act of 1974, as Amended

System number:  60-0373

System name:  Central Repository of Electronic Authentication Data Master File

Security classification:  None

System Location:  Social Security Administration (SSA), Office of Systems, 6401 Security Boulevard, Baltimore, Maryland 21235.

Categories of persons covered by the system:  Persons conducting business with us through our electronic services. 

Categories of records in the system:  We will collect and maintain the users’ personally identifiable information (PII) in this system of records.  The PII may include the users’ name, address, date of birth, Social Security number (SSN), phone number, and other types of identity information (e.g., address information of persons from the W-2 and Schedule Self Employed (SE) forms we receive electronically for our programmatic purposes as permitted by 26 U.S.C. § 6103(l)(1)(A)).  We may also collect knowledge-based authentication data, which is information users establish with us or that we already maintain in existing Privacy Act systems of records. 

We will maintain the data necessary to administer and maintain our e-Authentication infrastructure.  This includes management and profile information, such as blocked accounts, failed access data, effective date of passwords, and other data that allows us to evaluate the system’s effectiveness.  The data we maintain also may include archived transaction data and historical data.

Authority for maintenance of the system:  Section 205(a) of the Social Security Act; the Government Paperwork Elimination Act (P.L. 105-277); the Internal Revenue Code (26 U.S.C. § 6103(l)(1)(A)); and the Federal Information Security Management Act of 2002 (Title III) of the              E-Government Act of 2002 (P.L. 107-347).

Purpose(s): This system of records supports our agency’s objectives to expand electronic services, such as our automated telephone and Internet application.   This system of records also supports our agency’s commitment to strong and secure authentication procedures by properly maintaining PII we collect from persons to verify their identities.  For security reasons, we must be able to determine, with confidence, persons are who they claim to be each time they choose our electronic services.

Routine uses of records covered by this system of records, including categories of users and the purposes of such uses:  Routine use disclosures are indicated below; however, we will not disclose any information defined as “return or return information” under 26 U.S.C. § 6103 of the Internal Revenue Code (IRC), unless the IRC, the Internal Revenue Service (IRS), or IRS regulations authorize us to do so.

1.      To the Office of the President in response to a request the Office of the President made at the request of the subject of the record or a third party acting on the subject’s behalf.

  1. To a congressional office in response to a request from that office made at the request of the subject of the record or a third party acting on the subject’s behalf.
  1. To the Department of Justice (DOJ), a court, other tribunal, or another party before such court or tribunal when:

a)   SSA or any of our components; or

b)   any SSA employee in his or her official capacity; or

c)   any SSA employee in his or her individual capacity when DOJ (or SSA) has agreed to represent the employee; or

d)      the United States or any agency thereof when we determine that the litigation is likely to affect the operations of SSA or any of our components,

is a party to litigation or has an interest in such litigation, and we determine that the use of such records by DOJ, a court, other tribunal, or another party before such tribunal is relevant and necessary to the litigation.  In each case, we must determine that such disclosures are compatible with the purpose for which we collected the records. 

4.    To other Federal agencies and our contractors, including external data sources, to assist us in administering our programs. 

5.    To student volunteers, persons working under a personal services contract, and others   when they need access to information in our records in order to perform their assigned agency duties.

6.      To the Department of Justice for:

a)      investigating and prosecuting violations of the Social Security Act to which criminal penalties attach; and

b)      representing the Commissioner; or

c)      investigating issues of fraud or violation of civil rights by agency officers or 

           employees.

7.      To the General Services Administration and the National Archives and Records Administration under 44 U.S.C. §§ 2904 and 2906, as amended by the NARA Act of 1984, when the information is for records management purposes.

  1. To appropriate Federal, State, and local agencies, entities, and persons when:

a)   we suspect or confirm a compromise of security or confidentiality of information;

b)   we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, risk of identity theft or fraud, or harm to the security or integrity of this system or other systems or programs that rely upon the compromised information; and

c)   we determine that disclosing the information to such agencies, entities, and persons will  assist us in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. 

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in this system of records:

Storage:  We will store records in this system of records in electronic form.

Retrievability:  We will retrieve records in this system of records by a person’s name and associated identifying information. 

Safeguards:  We retain electronic files with personal identifiers in secure storage areas accessible only to our authorized employees and contractors who have a need for the information when performing their official duties.  Security measures include the use of access codes (personal identification number (PIN) and password) to enter our computer systems that house the data. 

We annually provide all our employees and contractors with security awareness and training.  This includes the need to protect PII and the criminal penalties that apply to an unauthorized access to, or disclosure of, PII.  Employees and contractors with access to databases maintaining PII must also sign a sanction document annually, acknowledging their accountability for inappropriately accessing or disclosing such information.

Retention and disposal:  We maintain records in SSA headquarters within the Office of Open Government.  We will maintain records in this system of records until seven years after the notification of the death of the account holder.  After that time, we will delete the person’s records from the database. 

System manager(s) and address:  Office of the Chief Information Officer, Office of Open Government, Social Security Administration, 6401 Security Boulevard, Baltimore, MD 21235.

Notification procedures:  Persons can determine if this system contains a record about them by writing to the system manager at the above address and providing their name, SSN, or other information in this system of records that will identify them.  Persons requesting notification by mail must include a notarized statement to us to verify their identity or must certify in the request that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense. 

Persons requesting notification of records in person must provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver's license.  Persons lacking identification documents sufficient to establish their identity must certify in writing that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense.

Persons requesting notification by telephone must verify their identity by providing identifying information that parallels the information in the record about which they are requesting notification.  If we determine that the identifying information the person provides by telephone is insufficient, we will require the person to submit a request in writing or in person.  If a person requests information by telephone on behalf of another person, the subject person must be on the telephone with the requesting person and us in the same phone call.  We will establish the subject person’s identity (his or her name, SSN, address, date of birth, and place of birth, along with one other piece of information such as mother's maiden name) and ask for his or her consent to provide information to the requesting person.  These procedures are in accordance with our regulations at 20 C.F.R. §§ 401.40 and 401.45.

Record access procedures:  Same as notification procedures.  Persons also should reasonably specify the record contents they are seeking.  These procedures are in accordance with our regulations (20 C.F.R. § 401.40(c)). 

Contesting record procedures: Same as notification procedures.  Persons also should reasonably identify the record, specify the information they are contesting, and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is incomplete, untimely, inaccurate, or irrelevant.  These procedures are in accordance with our regulations (20 C.F.R. § 401.65(a)).

Record source categories:  We obtain information in this system of records primarily from the person to whom the record pertains.  We may also include information from electronic W-2 and electronic Schedule SE forms for members of the public.

System exempted from certain provisions of the Privacy Act:  None