Privacy Act of 1974; as Amended; New System of Records and New Routine Use Disclosures, 29547-29550 [05-10237]

Agencies

• Social Security Administration

[Federal Register Volume 70, Number 98 (Monday, May 23, 2005)]
[Notices]
[Pages 29547-29550]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 05-10237]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION


Privacy Act of 1974; as Amended; New System of Records and New 
Routine Use Disclosures

AGENCY: Social Security Administration (SSA).

ACTION: Proposed new system of records and proposed routine uses.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act (5 U.S.C. 552a(e)(4) and 
(e)(11)), we are issuing public notice of our intent to establish a new 
system of records entitled Representative Payee/Misuse Restitution 
Control System (RP/MRCS), 60-0318, and routine uses applicable to this 
system of records. Hereinafter, we will refer to the proposed system of 
records as the RP/MRCS. We invite public comments on this proposal.

DATES: We filed a report of the proposed new system of records and 
proposed routine use disclosures with the Chairman of the Senate 
Committee on Homeland Security and Governmental Affairs, the Chairman 
of the House Committee on Government Reform, and the Director, Office 
of Information and Regulatory Affairs, Office of Management and Budget 
(OMB) on January 25, 2005. The proposed system of records and routine 
uses will become effective on March 6, 2005, unless we receive comments 
warranting it not to become effective.

ADDRESSES: Interested individuals may comment on this publication by 
writing to the Executive Director, Office of Public Disclosure, Office 
of the General Counsel, Social Security Administration, Room 3-A-6 
Operations Building, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401. All comments received will be available for public 
inspection at the above address.

FOR FURTHER INFORMATION CONTACT: Ms. Joyce Schaul, Social Insurance 
Specialist, Office of Public Disclosure, Office of the General Counsel, 
Social Security Administration, Room 3-A-6 Operations Building, 6401 
Security Boulevard, Baltimore, Maryland 21235, e-mail address at 
joyce.schaul@ssa.gov, or by telephone at (410) 965-5662.

SUPPLEMENTARY INFORMATION:

I. Background and Purpose of the Proposed New System of Records 
Entitled the RP/MRCS System

A. General Background

    On March 4, 2004, President Bush signed into law the Social 
Security Protection Act of 2004 (Pub. L. 108-203), which amended 
section 205(j) of the Social Security Act. Included in the amendment is 
a requirement for the Commissioner of Social Security to re-issue 
benefits under Title II or XVI whenever an individual representative 
payee serving 15 or more beneficiaries or an organizational 
representative payee is found to have misused a beneficiary's funds. 
This is effective for determinations of misuse on or after January 1, 
1995. To carry out this function as required under the amended section 
205(j), SSA must collect and maintain certain identifying information 
about: (1) Representative payees that have misused benefits; (2) 
beneficiaries whose benefits have been misused; and (3) the 
relationship between the representative payee and the beneficiary.

B. Collection and Maintenance of the Data for the Proposed New System 
of Records Entitled the RP/MRCS System

    SSA must collect and maintain certain identifying information about 
representative payees that have misused benefits; beneficiaries whose 
benefits have been misused; and, the

[[Page 29548]]

relationship between the representative payee and the beneficiary. We 
will retrieve information from the proposed system of records by using 
the individual's name and/or Social Security Number. Thus the RP/MRCS 
system will constitute a system of records under the Privacy Act of 
1974, as amended.

II. Proposed Routine Use Disclosures of Data Maintained in the Proposed 
RP/MRCS

A. Proposed Routine Use Disclosures

    We are proposing to establish routine uses of information that will 
be maintained in the proposed RP/MRCS as discussed below.
    1. To the Office of the President for the purpose of responding to 
an individual pursuant to an inquiry received from that individual or 
from a third party on his or her behalf.
    We will disclose information under this routine use only in 
situations in which an individual may contact the Office of the 
President, seeking that Office's assistance in a matter relating to 
information contained in this system of records. Information will be 
disclosed when the Office of the President makes an inquiry and 
indicates that it is acting on behalf of the individual whose record is 
requested.
    2. To a congressional office in response to an inquiry from that 
office made at the request of the subject of a record.
    We will disclose information under this routine use only in 
situations in which an individual may ask his or her congressional 
representative to intercede in a matter relating to information 
contained in this system of records. Information will be disclosed when 
the congressional representative makes an inquiry and indicates that he 
or she is acting on behalf of the individual whose record is requested.
    3. To the Department of Justice (DOJ), a court or other tribunal, 
or another party before such tribunal when:
    (a) SSA, or any component thereof; or
    (b) Any SSA employee in his/her official capacity; or
    (c) Any SSA employee in his/her individual capacity where DOJ (or 
SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) The United States or any agency thereof where SSA determines 
that the litigation is likely to affect the operation of SSA or any of 
its components,

Is party to litigation or has an interest in such litigation, and SSA 
determines that the use of such records by DOJ, a court or other 
tribunal, or another party before such tribunal is relevant and 
necessary to the litigation, provided, however, that in each case, SSA 
determines that such disclosure is compatible with the purpose for 
which the records were collected.
    Disclosure of any information defined as ``return or return 
information'' under 26 U.S.C. 6103 of the Internal Revenue Code (IRC) 
will not be made unless authorized by a statute, the Internal Revenue 
Service (IRS), or IRS regulations.
    We will disclose information under this routine use only as 
necessary to enable DOJ to effectively defend SSA, its components or 
employees, in litigation involving the proposed new system of records 
and ensure that courts and other tribunals have appropriate 
information.
    4. To contractors and other Federal Agencies, as necessary, for the 
purpose of assisting SSA in the efficient administration of its 
programs. We contemplate disclosing information under this routine use 
only in situations in which SSA may enter into a contractual or similar 
agreement with a third party to assist in accomplishing an Agency 
function relating to this system of records.
    We will disclose information under this routine use only in 
situations in which SSA may enter into a contractual agreement or 
similar agreement with a third party to assist in accomplishing an 
Agency function relating to this system of records.
    5. To student volunteers, individuals working under a personal 
service contract, and other individuals performing functions for SSA 
but technically not having the status of Agency employees, if they need 
access to the records in order to perform their assigned Agency 
functions.
    Under certain Federal statutes, SSA is authorized to use the 
service of volunteers and participants in certain educational, 
training, employment and community service programs. Examples of such 
statutes and programs include: 5 U.S.C. 3111 regarding student 
volunteers and 42 U.S.C. 2753 regarding the College Work-Study Program. 
We contemplate disclosing information under this routine use only when 
SSA uses the services of these individuals, and they need access to 
information in this system to perform their assigned agency duties.
    6. Non-tax return information which is not restricted from 
disclosure by federal law may be disclosed to the General Services 
Administration (GSA) and the National Archives and Records 
Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by NARA 
Act of 1984, for the use of those agencies in conducting records 
management studies.
    The Administrator of GSA and the Archivist of NARA are charged by 
44 U.S.C. 2904, as amended, with promulgating standards, procedures and 
guidelines regarding record management and conducting records 
management studies. 44 U.S.C. 2906, as amended, provides that GSA and 
NARA are to have access to Federal agencies' records and that agencies 
are to cooperate with GSA and NARA. In carrying out these 
responsibilities, it may be necessary for GSA and NARA to have access 
to this proposed system of records. In such instances, the routine use 
will facilitate disclosure.
    7. To Federal, State, and local law enforcement agencies and 
private security contractors, as appropriate, information necessary:
     To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace, and the operation of SSA 
facilities, or
     To assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of SSA facilities.
    We will disclose information under this routine use to law 
enforcement agencies and private security contractors when information 
is needed to respond to, investigate, or prevent activities that 
jeopardize the security and safety of SSA customers, employees or 
workplaces or that otherwise disrupt the operation of SSA facilities. 
Information would also be disclosed to assist in the prosecution of 
persons charged with violating Federal or local law in connection with 
such activities.

B. Compatibility of Proposed Routine Uses

    The Privacy Act (5 U.S.C. 552a(b)(3)) and SSA's disclosure 
regulation (20 CFR part 401) permit us to disclose information under a 
published routine use for a purpose that is compatible with the purpose 
for which we collected the information. SSA's Regulations at 20 CFR 
401.150(c) permit us to disclose information under a routine use where 
necessary to carry out SSA programs. SSA's Regulations at 20 CFR 
401.120 provide that we will disclose information when a law 
specifically requires the disclosure. The proposed routine uses 
numbered 1 through 5 and 7 above will ensure efficient administration 
of SSA programs administered through the RP/MRCS; the disclosure that 
would be made under routine use number 6 is required by law. The 
proposed routine uses are

[[Page 29549]]

appropriate and meet the relevant statutory and regulatory criteria.

III. Records Storage Medium and Safeguards for the Proposed New System 
Entitled the RP/MRCS

    SSA will maintain information in the RP/MRCS in electronic and 
paper form. Only authorized SSA and contractor personnel who have a 
need for the information in the performance of their official duties 
will be permitted access to the information. We will safeguard the 
security of the information by requiring the use of access codes to 
enter the computer system that will maintain the data and will store 
computerized records in secured areas that are accessible only to 
employees who require the information to perform their official duties. 
Any manually maintained records will be kept in locked cabinets or in 
otherwise secure areas. Furthermore, SSA employees having access to SSA 
databases maintaining personal information must sign a sanction 
document annually, acknowledging their accountability for making 
unauthorized access to or disclosure of such information.
    Contractor personnel having access to data in the RP/MRCS will be 
required to adhere to SSA rules concerning safeguards, access and use 
of the data.
    SSA and contractor personnel having access to the data on this 
system will be informed of the criminal penalties of the Privacy Act 
for unauthorized access to or disclosure of information maintained in 
this system. See 5 U.S.C. 552a(i)(1).

IV. Effect of the Proposed RP/MRCS on the Rights of Individuals

    The proposed new system of records will maintain only that 
information that is necessary for the efficient and effective control 
and processing of the RP/MRCS in order to investigate certain misuse 
cases to determine whether the beneficiary has been repaid by either 
SSA or the representative payee. Security measures will be employed 
that protect access to and preclude unauthorized disclosure of records 
in the proposed system of records. Therefore, we do not anticipate that 
the proposed system of records will have an unwarranted adverse effect 
on the rights of individuals.

    Dated: January 25, 2005.
Jo Anne B. Barnhart,
Commissioner.

Social Security Administration (SSA); Notice of System of Records; 
Required by the Privacy Act of 1974; as Amended

60-0318

System Name:
    Representative Payee/Misuse Restitution Control System (RP/MRCS), 
Office of the Deputy Commissioner for Disability and Income Security 
Programs, Associate Commissioner for Income Security Programs.

Security Classification:
    None.

System Location:
    Associate Commissioner for Income Security Programs, Social 
Security Administration, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401.

Categories of Individuals Covered by the System:
    This system maintains information about representative payees that 
have misused benefits and beneficiaries/recipients whose benefits have 
been misused.

Categories of Records in the System:
    Data in this system consist of: (1) Names, mailing address, 
location address, phone number, employee identification number (EIN)/
Social Security number (SSN), and identification number of 
representative payees; (2) Names, SSNs or other cross-referenced 
account numbers, the program in which the misuse occurred (Title II or 
Title XVI), current address, payment status, misuse amount, misuse 
determination date, misuse start date, misuse end date and SSA 
negligence code (Y or N) of beneficiaries/recipients; and (3) The 
original amount refunded by payee, original amount restored by SSA, new 
amount refunded by payee, new amount restored by SSA, case outcome and 
completion date.

Authority for Maintenance of the System:
    The Social Security Protection Act of 2004 (Pub. L. 108-203); 
Section 205(j)(5) of the Social Security Act; (42 U.S.C. 405(j)(5)).

Purpose(s):
    Information in this system will assist SSA in investigating certain 
representative payee misuse cases going back to January 1, 1995, to 
determine whether the beneficiary has been repaid by either SSA or the 
representative payee. The information in this system will also be used 
to control completion of cases and to provide details about how the 
case was resolved.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purpose of Such Uses:
    Disclosure may be made for routine uses as indicated below. 
However, disclosure of any information defined as ``return'' or 
``return information'' under 26 U.S.C. 6103 of the Internal Revenue 
Code will not be made unless authorized by a statute, the Internal 
Revenue Service (IRS) or IRS regulations.
    1. To the Office of the President for the purpose of responding to 
an individual pursuant to an inquiry received from that individual or 
from a third party on his or her behalf.
    2. To a congressional office in response to an inquiry from that 
office made at the request of the subject of a record.
    3. To the Department of Justice (DOJ), a court or other tribunal, 
or another party before such tribunal when: (a) SSA, or any component 
thereof; or (b) Any SSA employee in his/her official capacity; or (c) 
Any SSA employee in his/her individual capacity where DOJ (or SSA where 
it is authorized to do so) has agreed to represent the employee; or (d) 
The United States or any agency thereof where SSA determines that the 
litigation is likely to affect the operations of SSA or any of its 
components, Is party to litigation or has an interest in such 
litigation, and SSA determines that the use of such records by DOJ, a 
court or other tribunal, or another party before such tribunal is 
relevant and necessary to the litigation, provided, however, that in 
each case, SSA determines that such disclosure is compatible with the 
purpose for which the records were collected.
    Disclosure may be made for routine uses as indicated below. 
However, disclosure of any information defined as ``return'' or 
``return information'' under 26 U.S.C. 6103 of the Internal Revenue 
Code will not be made unless authorized by a statute, the Internal 
Revenue Service (IRS) or IRS regulations.
    4. To contractors and other Federal agencies, as necessary, for the 
purpose of assisting SSA in the efficient administration of its 
programs. We contemplate disclosing information under this routine use 
only in situations in which SSA may enter into a contractual or similar 
agreement with a third party to assist in accomplishing an agency 
function relating to this system of records.

[[Page 29550]]

    5. To student volunteers, individuals working under a personal 
services contract, and other individuals performing functions for SSA 
but technically not having the status of Agency employees if they need 
access to the records in order to perform their assigned Agency 
functions.
    6. Non-tax return information which is not restricted from 
disclosure by Federal law may be disclosed to the General Services 
Administration (GSA) and the National Archives and Records 
Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by NARA 
Act of 1984, for the use of those agencies in conducting records 
management studies.
    7. To Federal, State, and local law enforcement agencies and 
private security contractors, as appropriate, information necessary:
     To enable them to protect the safety of SSA employees and 
the public, the security of the SSA workplace, the operation of SSA 
facilities, or
     To assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of SSA facilities.

Policies and Practices for Storing, Retrieving, Accessing, Retaining 
and Disposing of Records in the System:
Storage:
    Records in this system are maintained electronically.

Retrievability:
    Records in this system will be retrieved by the name, SSN or EIN of 
the representative payee, or name or SSN of the beneficiary/recipient.

Safeguards:
    Security measures include the use of access codes to enter the 
computer system which will maintain the data, the storage of 
computerized records in secured areas which are accessible only to 
employees who require the information in performing their official 
duties. SSA employees who have access to the data will be informed of 
the criminal penalties of the Privacy Act for unauthorized access to or 
disclosure of information maintained in the system. See 5 U.S.C. 
552a(i)(1).
    Contractor personnel having access to data in the system of records 
will be required to adhere to SSA rules concerning safeguards, access 
and use of the data.

Retention and Disposal:
    Misuse data and contact information about misusers (payees) will be 
populated into RP/MRCS via a flat file produced by the Office of 
Systems from the Representative Payee System (RPS) using the criteria 
specified by section 205(j) of the Social Security Act. This flat file 
will also contain current beneficiary contact data from the Master 
Beneficiary Record and/or the Supplemental Security Income Record.
    Once the data is loaded into RP/MRCS, field offices will develop 
the status of repayment of each misuse event and post resolution 
information. Management information regarding cases pending and cleared 
will be collected and reported as will information about case 
resolution.
    Data collected during the course of an RP/MCRS action is stored in 
a database on the Dallas Regional Office's Windows servers. Only a 
limited number of new records (those that were not recorded on RPS) 
will be added to the database. RP/MRCS will cover only misuse events 
related to the closed period of January 1, 1995, through the initial 
population of the database from SSA's Representative Payee System in 
April 2004.
    Records in the system will be retained for 12 months after the 
final data are posted and then they will be archived.

System Manager(s):
    Associate Commissioner for Income Security Programs, Social 
Security Administration, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401.

Notification Procedure(s):
    An individual can determine if this system contains a record about 
him/her by writing to the systems manager(s) at the above address and 
providing his/her name, SSN or other information that may be in the 
system of records that will identify him/her. An individual requesting 
notification of records in person should provide the same information, 
as well as provide an identity document, preferably with a photograph, 
such as a driver's license or some other means of identification. If an 
individual does not have any identification documents sufficient to 
establish his/her identity, the individual must certify in writing that 
he/she is the person claimed to be and that he/she understands that the 
knowing and willful request for, or acquisition of, a record pertaining 
to another individual under false pretenses is a criminal offense. (20 
CFR 401.40).
    If notification is requested by telephone, an individual must 
verify his/her identity by providing identifying information that 
parallels the record to which notification is being requested. If it is 
determined that the identifying information provided by telephone is 
insufficient, the individual will be required to submit a request in 
writing or in person. If an individual is requesting information by 
telephone on behalf of another individual, the subject individual must 
be connected with SSA and the requesting individual in the same phone 
call. SSA will establish the subject individual's identity (his/her 
name, SSN, address, date of birth and place of birth along with one 
other piece of information such as mother's maiden name) and ask for 
his/her consent in providing information to the requesting individual. 
(20 CFR 401.45)
    If a request for notification is submitted by mail, an individual 
must include a notarized statement to SSA to verify his/her identity or 
must certify in the request that he/she is the person claimed to be and 
that he/she understands that the knowing and willful request for, or 
acquisition of, a record pertaining to another individual under false 
pretenses is a criminal offense. These procedures are in accordance 
with SSA Regulations (20 CFR 401.45).

Record Access Procedure(s):
    Same as Notification procedures. Requesters also should reasonably 
specify the record contents they are seeking. These procedures are in 
accordance with SSA Regulations (20 CFR 401.40).

Contesting Record Procedure(s):
    Same as Notification procedures. Requesters should also reasonably 
identify the record, specify the information they are contesting, and 
state the corrective action sought and the reasons for the correction 
with supporting justification showing how the record is untimely, 
incomplete, inaccurate, or irrelevant. These procedures are in 
accordance with SSA Regulations (20 CFR 401.65).

Record Source Categories:
    Information in this system of records is obtained from existing 
systems of records such as the Claims Folder System, 60-0089, Master 
Beneficiary Record, 60-0090, Supplemental Security Income Record and 
Special Veterans Benefits, 60-0103 and the Master Representative Payee 
File, 60-0222.

Systems Exempt From Certain Provisions of the Privacy Act:
    None.

[FR Doc. 05-10237 Filed 5-20-05; 8:45 am]
BILLING CODE 4191-02-P