Privacy Act of 1974; System of Records, 2224-2227 [2020-00331]

Agencies

• Social Security Administration

[Federal Register Volume 85, Number 9 (Tuesday, January 14, 2020)]
[Notices]
[Pages 2224-2227]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-00331]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA-2019-0058]


Privacy Act of 1974; System of Records

AGENCY: Office of Financial Policy and Operations, Office of Budget, 
Finance, and Management, Social Security Administration (SSA).

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act, we are issuing public 
notice of our intent to modify an existing system of records entitled, 
Financial Transactions of SSA Accounting and Finance Offices (60-0231), 
last published on January 11, 2006. This notice publishes details of 
the modified system as set forth below under the caption, SUPPLEMENTARY 
INFORMATION.

DATES: The system of records notice (SORN) is applicable upon its 
publication in today's Federal Register, with the exception of the new 
routine uses, which are effective February 13, 2020. We invite public 
comment on the routine uses or other aspects of this SORN. In 
accordance with 5 U.S.C. 552a(e)(4) and (e)(11), the public is given a 
30-day period in which to submit comments. Therefore, please submit any 
comments by February 13, 2020.

ADDRESSES: The public, Office of Management and Budget (OMB), and 
Congress may comment on this publication by writing to the Executive 
Director, Office of Privacy and Disclosure, Office of the General 
Counsel, SSA, Room G-401 West High Rise, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, or through the Federal e-Rulemaking 
Portal at https://www.regulations.gov, please reference docket number 
SSA-2019-0058. All comments we receive will be available for public 
inspection at the above address and we will post them to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Tristin Dorsey, Government Information 
Specialist, Privacy Implementation Division, Office of Privacy and 
Disclosure, Office of the General Counsel, SSA, Room G-401 West High 
Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, 
telephone: (410) 966-5855, email: [email protected].

SUPPLEMENTARY INFORMATION: We are modifying the system of records name 
from ``Financial Transactions of SSA Accounting and Finance Offices, 
SSA, Deputy Commissioner for Finance, Assessment and Management, Office 
of Financial Policy and Operations'' to ``Social Security Online 
Accounting and Reporting System'' to accurately reflect the system. We 
are modifying the system manager and location to clarify the name of 
the office.
    We are clarifying the categories of individuals covered by the 
system of records and clarifying how we will store and retrieve 
records. We are also expanding the categories of records to include 
collection payment information, taxpayer identification numbers, and 
email addresses; and expanding the record source categories to include 
existing SSA systems of records.
    In addition, we are revising the language in routine use No. 1 to 
clarify that we may also provide records to the Department of Treasury, 
for the purpose of administering licenses for individuals residing in 
sanctioned foreign countries. We are revising routine use No. 8 by 
specifying additional debt collection reasons, in which we may disclose 
information to the Department of Treasury.
    We are deleting the following routine uses, of the prior version of 
the SORN, as they are no longer applicable:
     No. 2--this routine use permitted disclosures to members 
of Congress, for the purpose of Federal financial assistance.
     No. 5--this routine use permitted disclosures to Federal, 
State, and local agencies that maintain civil, criminal, or other 
relevant enforcement records or other pertinent records, for the 
purpose of obtaining records relevant to an agency decision concerning 
the hiring or retention of an employee; the issuance of a security 
clearance; the letting of a contract; or the issuance of a license or 
other benefit.
     No. 6--this routine use permitted disclosures to Federal 
agencies, in response to their request, for the purpose of obtaining 
records relevant and necessary to an agency decision concerning the 
hiring or retention of an employee; the issuance of a security 
clearance; the reporting of an investigation of an employee; the 
letting of a contract; or the issuance of a license or other benefit by 
the requesting agency.
     No. 7--this routine use permitted disclosures to Federal 
agencies that have the power to subpoena records, e.g., the Internal 
Revenue Service or the Civil Rights Commission, in response to a 
subpoena for information.
     No. 11(a)--this routine use permitted disclosures to the 
Department of Treasury, for purposes of determining whether an 
individual has a delinquent tax account and determining an individual's 
creditworthiness.
    We are adding three new routine uses to permit disclosures to the 
Office of the President, for the purpose of responding to an inquiry 
received; to Federal, State and local law enforcement agencies and 
private contractors, for the safety and security of SSA employees, 
customers, and facilities; and to the Internal Revenue Service, for 
auditing purposes of the safeguard provisions of Internal Revenue Code 
of 1986. Lastly, we are modifying the notice throughout to correct 
miscellaneous stylistic formatting and typographical errors of the 
previously published notice, and to ensure the language reads 
consistently across multiple systems. We are republishing the entire 
notice for ease of reference.
    In accordance with 5 U.S.C. 552a(r), we have provided a report to 
OMB and Congress on this modified system of records.

Matthew Ramsey,
Executive Director, Office of Privacy and Disclosure, Office of the 
General Counsel.
SYSTEM NAME AND NUMBER
    Social Security Online Accounting and Reporting System, 60-0231

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Social Security Administration, Office of Budget, Finance, and 
Management, Office of Financial Policy and Operations, 6401 Security 
Boulevard, Baltimore, Maryland 21235-6401.

SYSTEM MANAGER(S):
    Social Security Administration, Deputy Commissioner of Office of 
Budget, Finance, and Management, Office of Financial Policy and 
Operations, 6401 Security Boulevard, Baltimore, MD 21235-6401, 
[email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Sections 204 and 1631 of the Social Security Act, as amended; 
Budget and Accounting Procedures Act of 1950 (Pub. L. 81-784); Debt 
Collection Act of 1982 (Pub. L. 97-365); Debt Collection Improvement 
Act of 1996 (Pub. L. 104-134); International Emergency Economic Powers 
Act (Pub. L. 95-223); Digital Accountability and Transparency Act (Pub. 
L. 113-101); and SSA Regulations (20 CFR parts 404, 416, and 422).

[[Page 2225]]

PURPOSE(S) OF THE SYSTEM:
    We will use the information in this system to track payments to 
individuals, exclusive of salaries and wages; establish receivable 
records for recovery of overpayments and tracking repayment status; 
develop reports of non-employee vendors for applicable State and local 
taxing officials of taxable income; validate and certify payments; and 
internal auditing.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system maintains information about individuals who make 
payments to or receive payments from us including, but not limited to, 
employees traveling on official business, employees participating in 
the vision program, contractors, grantees, consultants, Social Security 
beneficiaries or recipients who may have been overpaid; and for 
individuals who have received goods or services for which there is a 
charge or fee.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system consists of records received, created, or compiled 
pertaining to collection and summary level payment information 
including, but not limited to, name; Social Security number (SSN); 
taxpayer identification number; email address; purpose of payment, 
accounting classification, and amount paid; credit card information; 
the amount of indebtedness for overpayments and delinquent grants; 
repayment status; collection amount; travel vouchers submitted for 
reimbursement of travel and other expenditures, while on official 
business; the amount of indebtedness for employee overpayments, 
exclusive of salaries and wages; and Video Display Terminal (VDT) 
vouchers submitted for reimbursement of vision costs.

RECORD SOURCE CATEGORIES:
    We obtain information in this system of records from existing SSA 
systems of records such as the Master Beneficiary Record, 60-0090, and 
Supplemental Security Income Record and Special Veterans Benefits, 60-
0103; and from the individual to whom the record pertains, including 
individual travel and VDT vouchers, grants, contract and purchase order 
award documents, delinquent grant records, invoices of services 
rendered or goods received, and applications for travel or salary 
advances.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    We will disclose records pursuant to the following routine uses; 
however, we will not disclose any information defined as ``return or 
return information'' under 26 U.S.C. 6103 of the Internal Revenue Code 
(IRC), unless authorized by a statute, the Internal Revenue Service 
(IRS), or IRS regulations.
    1. To the Department of the Treasury,
    (a) for check preparation;
    (b) to provide the Office of Foreign Assets Control relevant and 
necessary information concerning SSA payments for investigations of 
individuals, groups, companies, or countries on the Specially 
Designated National and Blocked Persons List; and
    (c) for the purpose of administering licenses for individuals 
residing in foreign countries.
    2. To a congressional office in response to an inquiry from that 
office made on behalf of, and at the request of, the subject of the 
record or a third party acting on the subject's behalf.
    3. To the Department of Justice (DOJ), in the event that we deem it 
desirable, or necessary, in determining whether particular records are 
required to be disclosed under the Freedom of Information Act.
    4. To officials of labor organizations recognized under 5 U.S.C. 
71, when relevant and necessary to their duties of exclusive 
representation concerning personnel policies, practices, and matters 
affecting conditions of employment.
    5. To DOJ, a court or other tribunal, or another party before such 
court or tribunal, when
    (a) SSA, or any component thereof; or
    (b) any SSA employee in his or her official capacity; or
    (c) any SSA employee in his or her individual capacity where DOJ 
(or SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) the United States or any agency thereof where we determine the 
litigation is likely to affect SSA or any of its components, is a party 
to the litigation or has an interest in such litigation, and we 
determine that the use of such records by DOJ, a court or other 
tribunal, or another party before the tribunal, is relevant and 
necessary to the litigation, provided, however, that in each case, we 
determine that such disclosure is compatible with the purpose for which 
the records were collected.
    6. To credit reporting agencies, to obtain a credit report about a 
potential contractor or grantee in order to determine the potential 
contractor's or grantee's creditworthiness.
    7. To the Department of the Treasury,
    (a) to assist us in recovering the collection of delinquent 
administrative debts through Administrative Wage Garnishment (31 U.S.C. 
3720D) via the Treasury Crossing Servicing program as authorized by the 
Debt Collection Improvement Act of 1996;
    (b) to recover debts through reduction of tax refund payments 
pursuant to 31 U.S.C. 3720A; or
    (c) for any other debt collection method authorized under law.
    8. To the following entities in order to help collect a debt owed 
the United States:
    (a) to another Federal agency, so that agency can effect a salary 
offset;
    (b) to another Federal agency, so that agency can effect an 
administrative offset under common law or under 31 U.S.C. 3716 
(withholding from money payable to, or held on behalf of, the 
individual);
    (c) to the Department of Treasury, to request the mailing address 
of an individual under the IRC (26 U.S.C. 6103(m)(2)(A)), for the 
purpose of locating the individual to collect or compromise a Federal 
claim against the individual, in accordance with 31 U.S.C. 3711, 3717 
and 3718;
    (d) to an agent of SSA that is a consumer reporting agency within 
the meaning of 15 U.S.C. 1681a(f), the mailing address of an individual 
may be disclosed to such agent for the purpose of allowing such agent 
to prepare a commercial credit report on the individual for use by SSA 
in accordance with 31 U.S.C. 3711, 3717 and 3718;
    (e) to debt collection agents under 31 U.S.C. 3718 or under common 
law to help collect a debt; and
    (f) to DOJ for litigation or for further administrative action; in 
accordance with 31 U.S.C. 3711(e)(1)(F), disclosure under parts (a)-(c) 
and (e) is limited to information necessary to establish the identity 
of the person, including name, address and taxpayer identification or 
SSN, the amount status and history of the claim, and the agency or 
program under which the claim arose.
    9. To another Federal agency, that has asked SSA to effect an 
administrative offset under common law or under 31 U.S.C. 3716, to help 
collect a debt owed the United States; disclosure under this routine 
use is limited to the individual's name, address, SSN, and other 
information necessary to identify the individual information about the 
money payable to, or held for, the individual, and other information 
concerning the administrative offset.
    10. To IRS and State and local tax authorities, when income and 
payments are reported to them concerning employees, contractors, and 
when amounts are written-off as legally or

[[Page 2226]]

administratively uncollectible, in whole or in part.
    11. To banks enrolled in the Treasury credit card network, to 
collect a payment or debt when the individual has given his or her 
credit card number for this purpose.
    12. To student volunteers, individuals working under a personal 
services contract, and other workers who technically do not have the 
status of Federal employees, when they are performing work for us, as 
authorized by law, and they need access to personally identifiable 
information (PII) in our records in order to perform their assigned 
agency functions.
    13. To the National Archives and Records Administration (NARA) 
under 44 U.S.C. 2904 and 2906.
    14. To contractors and other Federal agencies, as necessary, for 
the purpose of assisting us in the efficient administration of its 
programs. We will disclose information under this routine use only in 
situations in which we may enter into a contractual or similar 
agreement to obtain assistance in accomplishing an SSA function 
relating to this system of records.
    15. To appropriate agencies, entities, and persons when:
    (a) SSA suspects or has confirmed that there has been a breach of 
the system of records;
    (b) SSA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, SSA (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and
    (c) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with SSA's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    16. To another Federal agency or Federal entity, when we determine 
that information from this system of records is reasonably necessary to 
assist the recipient agency or entity in:
    (a) Responding to a suspected or confirmed breach; or
    (b) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    17. To the Office of the President, in response to an inquiry 
received from that office made on behalf of, and at the request of, the 
subject of record or a third party acting on the subject's behalf.
    18. To Federal, State and local law enforcement agencies and 
private security contractors, as appropriate, information necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace and the operation of our 
facilities, or
    (b) to assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of our facilities.
    19. To the IRS, Department of the Treasury, for the purpose of 
auditing SSA's compliance with the safeguard provisions of the IRC of 
1986, as amended.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    We will maintain records in this system in paper and in electronic 
form.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    We will retrieve records in this system by name, SSN, voucher 
number, or collection number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    In accordance with NARA rules codified at 36 CFR 1225.16, we 
maintain records in accordance with the approved NARA General Records 
Schedule 1.1, Financial Management and Reporting Records (DAA-GRS-2013-
0003-0001 and DAA-GRS-2013-0003-0002).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    We retain electronic and paper files containing personal 
identifiers in secure storage areas accessible only by our authorized 
employees and contractors who have a need for the information when 
performing their official duties. Security measures include, but are 
not limited to, the use of codes and profiles, personal identification 
number and password, and personal identification verification cards. We 
restrict access to specific correspondence within the system based on 
assigned roles and authorized users. We maintain electronic files with 
personal identifiers in secure storage areas. We use audit mechanisms 
to record sensitive transactions as an additional measure to protect 
information from unauthorized disclosure or modification. We keep paper 
records in cabinets within secure areas, with access limited to only 
those employees who have an official need for access in order to 
perform their duties.
    We annually provide our employees and contractors with appropriate 
security awareness training that includes reminders about the need to 
protect PII and the criminal penalties that apply to unauthorized 
access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore, 
employees and contractors with access to databases maintaining PII must 
annually sign a sanctions document that acknowledges their 
accountability for inappropriately accessing or disclosing such 
information.

RECORD ACCESS PROCEDURES:
    Individuals may submit requests for information about whether this 
system contains a record about them by submitting a written request to 
the system manager at the above address, which includes their name, 
SSN, or other information that may be in this system of records that 
will identify them. Individuals requesting notification of, or access 
to, a record by mail must include: (1) A notarized statement to us to 
verify their identity; or (2) must certify in the request that they are 
the individual they claim to be and that they understand that the 
knowing and willful request for, or acquisition of, a record pertaining 
to another individual under false pretenses is a criminal offense.
    Individuals requesting notification of, or access to, records in 
person must provide their name, SSN, or other information that may be 
in this system of records that will identify them, as well as provide 
an identity document, preferably with a photograph, such as a driver's 
license. Individuals lacking identification documents sufficient to 
establish their identity must certify in writing that they are the 
individual they claim to be and that they understand that the knowing 
and willful request for, or acquisition of, a record pertaining to 
another individual under false pretenses is a criminal offense.
    These procedures are in accordance with our regulations at 20 CFR 
401.40 and 401.45.

CONTESTING RECORD PROCEDURES:
    Same as record access procedures. Individuals should also 
reasonably identify the record, specify the information they are 
contesting, and state the corrective action sought and the reasons for 
the correction with supporting justification showing how the record is 
incomplete, untimely, inaccurate, or irrelevant. These procedures are 
in accordance with our regulations at 20 CFR 401.65(a).

NOTIFICATION PROCEDURES:
    Same as records access procedures. These procedures are in 
accordance

[[Page 2227]]

with our regulations at 20 CFR 401.40 and 401.45.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    71 FR 1847, Financial Transactions of SSA Accounting and Finance 
Offices.
    72 FR 69723, Financial Transactions of SSA Accounting and Finance 
Offices.

[FR Doc. 2020-00331 Filed 1-13-20; 8:45 am]
BILLING CODE 4191-02-P