Privacy Act of 1974; System of Records, 58422-58426 [2019-23750]

Agencies

• Social Security Administration

[Federal Register Volume 84, Number 211 (Thursday, October 31, 2019)]
[Notices]
[Pages 58422-58426]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-23750]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA-2019-0028]


Privacy Act of 1974; System of Records

AGENCY: Office of Privacy and Disclosure, Office of the General 
Counsel, and Office of Retirement and Disability Policy, Social 
Security Administration (SSA).

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act, we are issuing public 
notice of our intent to modify an existing system of records entitled, 
Claims Folders System (60-0089), last published on April 1, 2003. This 
notice publishes details of the modified system as set forth under the 
caption, SUPPLEMENTARY INFORMATION.

DATES: The system of records notice (SORN) is applicable upon its 
publication in today's Federal Register, with the exception of the new 
routine uses, which are effective December 2, 2019. We invite public 
comment on the routine uses or other aspects of this SORN. In 
accordance with 5 U.S.C. 552a(e)(4) and (e)(11), the public is given a 
30-day period in which to submit comments. Therefore, please submit any 
comments by December 2, 2019.

ADDRESSES: The public, Office of Management and Budget (OMB), and 
Congress may comment on this publication by writing to the Executive 
Director, Office of Privacy and Disclosure, Office of the General 
Counsel, SSA, Room G-401 West High Rise, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, or through the Federal e-Rulemaking 
Portal at https://www.regulations.gov, please reference docket number 
SSA-2019-0028. All comments we receive will be available for public 
inspection at the above address and we will post them to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Tristin Dorsey, Government Information 
Specialist, Privacy Implementation Division, Office of Privacy and 
Disclosure, Office of the General Counsel, SSA, Room G-401 West High 
Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, 
telephone: (410) 965-2950, email: [email protected] and Andrea 
Huseth, Government Information Specialist, Disclosure and Data Support 
Division, Office of Privacy and Disclosure, Office of the General 
Counsel, SSA, Room G-401 West High Rise, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, telephone: (410) 965-6868, email: 
[email protected].

SUPPLEMENTARY INFORMATION: We are modifying the system of records name 
from ``Claims Folders System, SSA, Office of the General Counsel, 
Office of Public Disclosure'' to ``Claims Folders System'' to 
accurately reflect the system. We are modifying the authority for 
maintenance of the system to include Section 216 of the Social Security 
Act and Public Law 115-165. We are expanding system managers to include 
the Office of Retirement and Disability Policy.
    We are modifying the categories of records to include that we will 
now collect advance designation information, per Section 201 of the 
Strengthening Protections for Social Security Beneficiaries Act of 2018 
(H.R. 4547, Pub. L. 115-165, hereafter referred to as Pub. L. 115-165). 
Our representative payee program provides financial management for 
Social Security beneficiaries, Supplemental Security Income (SSI) 
recipients, and Special Veterans Benefits recipients (all referred to 
hereafter as beneficiaries) who are incapable of managing or directing 
the management of their benefits or payments. The representative 
payee's primary responsibility is to use the beneficiary's benefits or 
payments for the beneficiary's current and foreseeable needs. Public 
Law 115-165 allows claimants and beneficiaries to advance designate one 
or more individuals who could be their representative payee, if the 
time comes that they need one.
    In addition, we are modifying the categories of records to remove 
references to the Claimant Identification Pilot Project, as we no 
longer collect photographic identification during our claims process. 
We are also adding the beneficiary notice control (BNC). Section 2 of 
the Social Security Number Fraud Prevention Act of 2017 (H.R. 624, Pub. 
L. 115-59, hereafter referred to as Pub. L. 115-59), restricts the 
inclusion of Social Security numbers (SSN) on documents the Federal 
government sends by mail. Some of our mailed documents include a 
placeholder for the

[[Page 58423]]

responder to include the full SSN. Pursuant to Public Law 115-59, we 
will retain the SSN for mailed documents that we determined are 
``mission critical'' and require an SSN to facilitate our business 
processes. The remaining mailed documents that are not mission critical 
will have the SSN removed and replaced with a BNC.
    We are deleting routine use No. 17, as it is no longer applicable 
and no longer a condition of the individual's eligibility for payment 
under section 1611(e)(3) of the Social Security Act. This routine use 
permitted disclosures to institutions or facilities approved for the 
treatment of drug addicts or alcoholics. We are also adding a new 
routine use No. 38 to permit disclosures to contractors, cooperative 
agreement awardees, Federal and State agencies, and Federal 
congressional support agencies for research and statistical activities. 
In the past, we disclosed information from this system of records to 
the entities listed above under our efficient administration routine 
use. We are establishing this new routine use to distinguish 
disclosures that we make specifically for research purposes. We are 
also modifying the policies and practices for the retrieval of records 
to clarify that we will also retrieve records by BNC. Lastly, we are 
modifying the notice throughout to correct miscellaneous stylistic 
formatting and typographical errors of the previously published notice, 
and to ensure the language reads consistently across multiple systems. 
We are republishing the entire notice for ease of reference.
    In accordance with 5 U.S.C. 552a(r), we provided a report to OMB 
and Congress on this modified system of records.

    Dated: October 23, 2019.
Matthew Ramsey,
Executive Director, Office of Privacy and Disclosure, Office of the 
General Counsel.
SYSTEM NAME AND NUMBER

Claims Folders System, 60-0089

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Social Security Administration, Office of Systems, Office of 
Systems Operations and Hardware Engineering, Robert M. Ball Building, 
6401 Security Boulevard, Baltimore, Maryland 21235.

SYSTEM MANAGER(S):
    Social Security Administration, Executive Director, Office of 
Privacy and Disclosure, Office of the General Counsel, G-401 West High 
Rise, 6401 Security Boulevard, Baltimore, Maryland 21235, 
[email protected].
    Social Security Administration, Deputy Commissioner of Retirement 
and Disability Policy, Office of Retirement and Disability Policy, 
Robert M. Ball Building, 6401 Security Boulevard, Baltimore, MD 21235, 
[email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Sections 202-205, 216, 223, 226, 228, 1611, 1631, 1818, 1836, 1840 
and Title VIII of the Social Security Act, as amended, and the 
Strengthening Protections for Social Security Beneficiaries Act of 2018 
(Pub. L. 115-165).

PURPOSE(S) OF THE SYSTEM:
    We will use the information in this system to determine entitlement 
to or eligibility for Title II (Retirement, Survivor's and Disability 
Insurance) benefits, Title VIII (Special Veterans Benefits--SVB), and 
XVI (Supplemental Security Income--SSI) payments; reconcile problem 
cases; and produce and maintain the following existing systems of 
records: Black Lung Payment System (60-0045), Master Beneficiary Record 
(60-0090), SSI Record and SVB (60-0103), Master Representative Payee 
File (60-0222), and the Medicare Database File (60-0321).

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system maintains information about all claimants, 
beneficiaries, and potential claimants for benefits and payments 
administered by SSA.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system maintains records that include, but are not limited to, 
the name and SSN of the claimant or potential claimant; application for 
benefits or payments; earnings record information that we establish and 
maintain; documents that support findings of fact regarding entitlement 
or eligibility and continuing entitlement or eligibility; payment 
documentation; correspondence to and from claimants or representatives; 
information about representative payees; information about individuals 
whom a claimant or beneficiary has designated in advance as a 
representative payee; information received from third parties regarding 
claimants' potential entitlement; BNC; data collected as a result of 
inquiries and complaints or evaluation and measurement studies, which 
assess the effectiveness of claims policies; records of certain actions 
entered directly into the computer processes, which include reports of 
changes of address, work status and other post-adjudicative actions; 
abstracts used for statistical purposes (i.e., disallowances, technical 
denials, and demographic and statistical information relating to 
disability decisions); and denied claims.

RECORD SOURCE CATEGORIES:
    We obtain information in this system from claimants, potential 
claimants, and beneficiaries; accumulated reports of employers or self-
employed individuals; various local, State, and Federal agencies; 
claimant representatives; and other sources that support findings of 
fact regarding entitlement or eligibility and continuing entitlement or 
eligibility, i.e., information received from third parties regarding 
claimants' potential entitlement or eligibility.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    We will disclose records pursuant to the following routine uses; 
however, we will not disclose any information defined as ``return or 
return information'' under 26 U.S.C. 6103 of the Internal Revenue Code 
(IRC), unless authorized by statute, IRS, or IRS regulations.
    1. To third party contacts (e.g., employers and private pension 
plans) in situations where the party to be contacted has, or is 
expected to have, information relating to the individual's capability 
to manage his or her benefits or payments, or his or her eligibility 
for or entitlement to benefits or eligibility for payments, under the 
Social Security program when:
    (a) The individual is unable to provide information being sought. 
An individual is considered to be unable to provide certain types of 
information when:
    i. He or she is incapable or is of questionable mental capability;
    ii. He or she cannot read or write;
    iii. He or she cannot afford the cost of obtaining the information;
    iv. He or she has a hearing impairment and contacts us via 
telephone through a telecommunications relay system operator;
    v. A language barrier exists; or
    vi. The custodian of the information will not, as a matter of 
policy, provide it to the individual; OR
    (b) the data is necessary to establish the validity of evidence or 
to verify the accuracy of information presented by the individual, and 
it concerns one or more of the following:
    i. His or her entitlement to or eligibility for benefits under the 
Social Security program;
    ii. The amount of his or her benefit or payment; or

[[Page 58424]]

    iii. Any case in which the evidence is being reviewed, as a result 
of suspected abuse or fraud or concern for program integrity, quality 
appraisal or evaluation and measurement activities.
    2. To third party contacts, where necessary, to establish or verify 
information provided by representative payees or representative payee 
applicants.
    3. To a Social Security beneficiary or claimant, when a claim is 
filed by an individual on the same record adverse to the beneficiary, 
only information concerning the facts relevant to the interests of each 
party in a claim, i.e.,
    (a) an award of benefits to a new claimant precludes an award to a 
prior claimant; or
    (b) an award of benefits to a new claimant will reduce benefit 
payments to the individual(s) on the rolls, but only for information 
concerning the facts relevant to the interests of each party in a 
claim.
    4. To employers, current or former, for correcting or 
reconstructing earnings records and for Social Security tax purposes.
    5. To the Department of Treasury, for:
    (a) Collecting Social Security taxes, or as otherwise pertinent to 
tax and benefit payment provisions of the Social Security Act, 
including SSN verification services; and
    (b) investigating the alleged theft, forgery, or unlawful 
negotiation of Social Security checks.
    6. To the United States Postal Service, for investigating the 
alleged theft or forgery of Social Security checks.
    7. To Department of Justice (DOJ), for the purposes of:
    (a) Investigating and prosecuting violations of the Social Security 
Act to which criminal penalties attach,
    (b) representing the Commissioner of Social Security, and,
    (c) investigating issues of fraud or violations of civil rights by 
officers or SSA employees.
    8. To the Department of State, for administration of the Social 
Security Act in foreign countries through services and facilities of 
that agency.
    9. To the American Institute, a private corporation under contract 
to the Department of State, for administering the Social Security Act 
in Taiwan through facilities and services of that agency.
    10. To the Department of Veterans Affairs (VA), Regional Office, 
Manila, Philippines, for the administration of the Social Security Act 
in the Philippines and other parts of the Asia-Pacific region through 
services and facilities of that agency.
    11. To the Department of Interior and its agents, for the purpose 
of administering the Social Security Act in the Northern Mariana 
Islands through facilities and services of that agency.
    12. To the Railroad Retirement Board (RRB), for the purpose of 
administering provisions of the Social Security Act relating to 
railroad employment.
    13. To State Social Security administrators, for administering 
agreements pursuant to section 218 of the Social Security Act.
    14. To State audit agencies for the purpose of:
    (a) Auditing State supplementation payments and Medicaid 
eligibility considerations; and
    (b) expenditures of Federal funds by the State in support of the 
Disability Determination Services.
    15. To private medical and vocational consultants, for use in 
preparing for, or evaluating the results of, consultative medical 
examinations or vocational assessments which they were engaged to 
perform by us or a State agency, in accordance with sections 221 or 
1633 of the Social Security Act.
    16. To specified business and other community members and Federal, 
State and local agencies for verification of eligibility for benefits 
under section 1631(e) of the Social Security Act.
    17. To claimants, prospective claimants (other than the data 
subject), and their authorized representatives or representative 
payees, to the extent necessary to pursue Social Security claims; to 
representative payees, when the information pertains to individuals for 
whom they serve as representative payees, for the purpose of assisting 
us in administering representative payment responsibilities under the 
Social Security Act; and to representative payees, for the purpose of 
assisting them in performing their duties as payees, including 
receiving and accounting for benefits for individuals for whom they 
serve as payees.
    18. To a congressional office in response to an inquiry from that 
office made on behalf of, and at the request of, the subject of the 
record or third party acting on the subject's behalf.
    19. In response to legal process or interrogatories relating to the 
enforcement of an individual's child support or alimony obligations, as 
required by section 459 of the Social Security Act.
    20. To Federal, State, or local agencies (or agents on their 
behalf), for administering income or health maintenance programs 
including programs under the Social Security Act. Such disclosures 
include the release of information to the following agencies, but are 
not limited to:
    (a) RRB, for administering provisions of the Railroad Retirement 
Act and Social Security Act, relating to railroad employment, and for 
administering provisions of the Railroad Unemployment Insurance Act;
    (b) VA, for administering 38 U.S.C. 1312, and upon request, for 
determining eligibility for, or amount of, veterans' benefits or for 
verifying other information with respect thereto pursuant to 38 U.S.C. 
5106;
    (c) Department of Labor for administering provisions of Title IV of 
the Federal Coal Mine Health and Safety Act, as amended by the Black 
Lung Benefits Act;
    (d) State welfare departments, for administering sections 
205(c)(2)(B)(i)(II) and 402 of the Social Security Act, which require 
information about assigned SSNs for Temporary Assistance for Needy 
Families (TANF) program purposes, and for determining a beneficiary's 
eligibility under the TANF program;
    (e) State agencies for administering the Medicaid program; and
    (f) State agencies for making determinations of food stamp 
eligibility under the food stamp program.
    21. To State welfare departments:
    (a) Pursuant to agreements with us, for the administration of State 
supplementation payments;
    (b) for enrollment of welfare beneficiaries for medical insurance 
under section 1843 of the Social Security Act; and
    (c) for conducting independent quality assurance reviews of SSI 
beneficiary records, provided that the agreement for Federal 
administration of the supplementation provides for such an independent 
review.
    22. To State vocational rehabilitation agencies, State health 
departments, or other agencies providing services to disabled children, 
for consideration of rehabilitation services, per sections 222 and 1615 
of the Social Security Act.
    23. To the Social Security agency of a foreign country, to carry 
out the purpose of an international Social Security agreement entered 
between the United States and the other country, pursuant to section 
233 of the Social Security Act.
    24. To IRS, Department of the Treasury, for the purpose of auditing 
SSA's compliance with the safeguard provisions of the IRC of 1986, as 
amended.
    25. To the Office of the President in response to an inquiry from 
that office made on behalf of, and at the request of, the subject of 
the record or a third party acting on the subject's behalf.

[[Page 58425]]

    26. To third party contacts (including private collection under 
contract with us), for the purpose of their assisting us in recovering 
overpayments.
    27. To Department of Homeland Security, upon request, to identify 
and locate aliens in the United States pursuant to section 290(b) of 
the Immigration and Nationality Act (8 U.S.C. 1360(b)).
    28. To contractors and other Federal Agencies, as necessary, for 
the purpose of assisting us in the efficient administration of our 
programs. We will disclose information under this routine use only in 
situations in which we may enter into a contractual or similar 
agreement to obtain assistance in accomplishing an SSA function 
relating to this system of records.
    29. To the National Archives and Records Administration (NARA) 
under 44 U.S.C. 2904 and 2906.
    30. To DOJ, a court or other tribunal, or another party before such 
tribunal, when:
    (a) SSA, or any component thereof; or
    (b) Any SSA employee in his or her official capacity; or
    (c) Any SSA employee in his or her individual capacity where DOJ 
(or SSA, where it is authorized to do so) has agreed to represent the 
employee; or
    (d) The United States or any agency thereof where we determine that 
the litigation is likely to affect us or any of our components, is a 
party to litigation or has an interest in such litigation, and we 
determine that the use of such records by DOJ, a court or other 
tribunal, or another party before the tribunal, is relevant and 
necessary to the litigation, provided, however, that in each case, we 
determine that such disclosure is compatible with the purpose for which 
the records were collected.
    31. To the Department of Education, addresses of beneficiaries who 
are obligated on loans held by the Secretary of Education or a loan 
made in accordance with 20 U.S.C. 1071, et seq. (the Robert T. Stafford 
Federal Student Loan Program), as authorized by section 489A of the 
Higher Education Act of 1965.
    32. To student volunteers, individuals working under a personal 
services contract, and other workers who technically do not have the 
status of Federal employees, when they are performing work for us, as 
authorized by law, and they need access to personally identifiable 
information (PII) in our records in order to perform their assigned 
agency functions.
    33. To Federal, State, and local law enforcement agencies and 
private security contractors as appropriate, if necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace and the operation of our 
facilities, or
    (b) to assist investigations or prosecutions with respect to 
activities that affect such safety and security, or activities that 
disrupt the operation of our facilities.
    34. To appropriate agencies, entities, and persons when:
    (a) SSA suspects or has confirmed that there has been a breach of 
the system of records;
    (b) SSA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, SSA (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and
    (c) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with SSA's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    35. To agencies or entities who have a written agreement with us, 
to perform representative payee reviews for SSA and to provide 
training, administrative oversight, technical assistance, and other 
support for those reviews.
    36. To state protection and advocacy (P&A) systems, that have a 
written agreement with us to conduct reviews of representative payees, 
for the purpose of conducting additional reviews that the P&A systems 
have reason to believe are warranted.
    37. To another Federal agency or Federal entity, when we determine 
that information from this system of records is reasonably necessary to 
assist the recipient agency or entity in:
    (a) Responding to a suspected or confirmed breach; or
    (b) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    38. To contractors, cooperative agreement awardees, State agencies, 
Federal agencies, and Federal congressional support agencies for 
research and statistical activities that are designed to increase 
knowledge about present or alternative Social Security programs; are of 
importance to the Social Security program or the Social Security 
beneficiaries; or are for an epidemiological project that relates to 
the Social Security program or beneficiaries. We will disclose 
information under this routine use pursuant only to a written agreement 
with us.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    We maintain records in this system in paper and electronic form.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    We will retrieve records by SSN, name, or BNC.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    In accordance with NARA rules codified at 36 CFR 1225.16, we 
maintain records in accordance with the approved NARA Agency-Specific 
Records Schedule N1-47-05-1.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    We retain electronic and paper files containing personal 
identifiers in secure storage areas accessible only by our authorized 
employees who have a need for the information when performing their 
official duties. Security measures include, but are not limited to, the 
use of codes and profiles, personal identification number and password, 
and personal identification verification cards. We restrict access to 
specific correspondence within the system based on assigned roles and 
authorized users. We maintain electronic files with personal 
identifiers in secure storage areas. We will use audit mechanisms to 
record sensitive transactions as an additional measure to protect 
information from unauthorized disclosure or modification. We keep paper 
records in cabinets within secure areas, with access limited to only 
those employees who have an official need for access in order to 
perform their duties.
    We annually provide our employees and contractors with appropriate 
security awareness training that includes reminders about the need to 
protect PII and the criminal penalties that apply to unauthorized 
access to, or disclosure of PII. See 5 U.S.C. 552a(i)(1). Furthermore, 
employees and contractors with access to databases maintaining PII must 
annually sign a sanction document that acknowledges their 
accountability for inappropriately accessing or disclosing such 
information.

RECORD ACCESS PROCEDURES:
    Individuals may submit requests for information about whether this 
system contains a record about them by submitting a written request to 
the system manager at the above address,

[[Page 58426]]

which includes their name, SSN, or other information that may be in 
this system of records that will identify them. Individuals requesting 
notification of, or access to, a record by mail must include: (1) A 
notarized statement to us to verify their identity; or (2) must certify 
in the request that they are the individual they claim to be and that 
they understand that the knowing and willful request for, or 
acquisition of, a record pertaining to another individual under false 
pretenses is a criminal offense.
    Individuals requesting notification of, or access to, records in 
person must provide their name, SSN, or other information that may be 
in this system of records that will identify them, as well as provide 
an identity document, preferably with a photograph, such as a driver's 
license. Individuals lacking identification documents sufficient to 
establish their identity must certify in writing that they are the 
individual they claim to be and that they understand that the knowing 
and willful request for, or acquisition of, a record pertaining to 
another individual under false pretenses is a criminal offense.
    These procedures are in accordance with our regulations at 20 CFR 
401.40 and 401.45.

CONTESTING RECORD PROCEDURES:
    Same as record access procedures. Individuals should also 
reasonably identify the record, specify the information they are 
contesting, and state the corrective action sought and the reasons for 
the correction with supporting justification showing how the record is 
incomplete, untimely, inaccurate, or irrelevant. These procedures are 
in accordance with our regulations at 20 CFR 401.65(a).

NOTIFICATION PROCEDURES:
    Same as record access procedures. These procedures are in 
accordance with our regulations at 20 CFR 401.40 and 401.45.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    68 FR 15784, Claims Folders System.
    72 FR 69723, Claims Folders System.
    83 FR 31250, Claims Folders System.
    83 FR 54969, Claims Folders System.

[FR Doc. 2019-23750 Filed 10-30-19; 8:45 am]
 BILLING CODE 4191-02-P