SSA's Commitment to Protecting Privacy through Compliance

We have a long history of collecting information to carry out our mission. Information that we collect is about your wages, identifying information, employers, addresses, and much more. The first regulation we published included a commitment to the public to safeguard the personal information you entrust to us. This commitment is as solid as it was when Social Security began in 1935 and is further strengthened by privacy laws. We cannot publicly release much of our information because it is protected by privacy laws, the Internal Revenue Code, and other statutes. While we can anonymize some of the information, much of it we cannot. Our FOIA process and other transparency efforts recognize these constraints, and we will protect privacy in disclosures in accordance with applicable laws.

Learn more about our compliance with privacy laws below:

System of Records Notices (SORNS)

The Privacy Act of 1974 (5 U.S.C. 552a) requires each Federal agency to publish a notice in the Federal Register of each system of records that it maintains. A system of records is any grouping of information about an individual under the control of a Federal agency from which information is retrieved by the name, Social Security number, or some other personal identifier.

Review SORNS that SSA Maintains

Privacy Impact Assessments (PIAs)

President George W. Bush signed the E-Government Act of 2002 (Public Law 107-347, 44 U.S.C. Ch 36) on December 17, 2002. It became effective on April 17, 2003. Section 208 of the E-Government Act requires that the Office of Management and Budget issue guidance to agencies on implementing the privacy provisions of the E-Government Act. The E-Government Act requires agencies to conduct PIAs for their electronic information systems and collections. Agencies must make these PIAs publicly available.

Review PIAs Conducted by SSA

Government Information Exchanges

Federal statutes (including section 1106 of the Social Security Act, the Privacy Act of 1974, section 6103 of the Internal Revenue Code, and related Social Security regulations and policies) protect and control the privacy of all personal information SSA maintains.

The Privacy Act and related legal authority we note above allow SSA to disclose information from its program records to Federal, State, and local agencies for certain "routine uses." These routine uses are permissive uses of information SSA collects and are defined in the Privacy Act at 5 U.S.C. § 552a(a)(7) as follows: "with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected."

Thus, when a Federal, State, or local agency requests data from SSA, the agency must ensure that the purpose of the request is compatible with administration of SSA programs.

Learn More about Government Data Exchanges and Privacy

Internet Privacy Policy

As a Federal agency, the Privacy Act of 1974 (5 U.S.C. § 552a) requires us to protect the information we collect from you. We respect your right to privacy and work to protect it when you visit our website.

Read SSA's Internet Privacy Policy

Links to Privacy and Disclosure Law and Guidance