Accuracy of Data Maintained by the National Directory of New Hires and the Effectiveness of Security Procedures

The employment and wage data contained in the NDNH are critical to the child support program; therefore, accuracy is paramount. One of the primary methods for ensuring accuracy is the provision in statute for verification of Social Security numbers (SSNs) to the extent possible. In accordance with Section 453 (j)(1) of the Act, SSNs submitted to the NDNH go through a rigorous verification process at the Social Security Administration (SSA) to ensure the validity of the information contained in the NDNH and ultimately that any data released, and any action taken pertain to the correct individual.

On W4 and UI submissions, all SSNs are verified before adding the information to the NDNH through a match with the SSA. OCSE is able to verify 88% of the SSN/name combinations that are submitted by states, and 96% of the SSN/name combinations submitted by Federal agencies. SSN/name combinations that are not verified are rejected. Those that are verified are placed on the NDNH, resulting in a 100% accuracy rate of SSN/name combinations on the NDNH and a high rate of accuracy on information being returned to the states.

For some QW submissions, the verification process is modified to accommodate the varying levels of detail received from the SESAs. The law does not require SESAs to provide information in addition to the data that they are already collecting for Department of Labor purposes. Some SESAs do not collect name information, so the QW information from states without enough name data to verify goes into a different status on the NDNH. These names may be returned to states, but with an indicator that SSA was unable to verify the SSN/name combination. If all SESAs gathered name information and provided it to the NDNH, accuracy could be verified in all cases. OCSE assumes that the information should have the same verification rate as other SSN/name combinations reported to the NDNH through QW reporting from SESAs that do collect full names, which is approximately 93%. The verification rate for QW reports from Federal agencies is 98%.

OCSE continually assesses the accuracy of data contained in the NDNH and endeavors to improve the accuracy and quality of the NDNH. For example, OCSE has conducted numerous reviews of the new hire and quarterly wage data submitted by states and Federal agencies. Although data quality review techniques do not include verification of data values against the original source (e.g., employer payroll records), some conclusions about the accuracy of the data can be drawn from the data quality review results.

OCSE has performed three studies on the accuracy of the data on the NDNH, focusing on the Federal Employer Identification Number (FEIN), Employer Address for private employers, and Employer Address for Federal agencies. The findings were that FEINs are 93% accurate, private employer addresses are 96% accurate, and Federal employer addresses are 100% accurate. Studies were also done on the timeliness of the data received, by examining the reporting quarter given in a particular submission and the date of hire reported compared to the date when data were submitted to the NDNH. These results were also quite high. 99% of the records contained the expected reporting quarter, and of the states that reported date of hire (an optional element), 78% were within the statutory reporting period.

Based on the above studies, the information in the required fields is accurate (more than 90%). However, the date of hire study indicates that either records are being submitted with inaccurate dates, or, more likely, reports are being submitted later than the timeframe mandated by law. This timeframe is quite short: W4 data are reported to the NDNH within three days of being reported to the SDNH. As there is no provision for Federal penalties for late reports, and minimal provision for state penalties, this may not be a problem that can be resolved by law, but rather only through continued public education and outreach.

In addition to the OCSE-directed data quality studies, in August 1999, the State of Texas conducted a survey to study the quality and accuracy of matches returned from the NDNH. The Office of the Attorney General’s Child Support Enforcement Division (CSED) randomly chose a sample of 220 NDNH matches resulting from W4 data submitted by employers across the country. State staff called the employers identified in each match to verify that the information in certain data fields was complete and correct. The study is notable both for its having been proactively undertaken on the State’s own initiative, and for its results, which show that the NDNH provides accurate and useful information to caseworkers. The study found that the information returned by the NDNH was more than 95% accurate.

In addition, the survey verified, in 63% of the cases, that the noncustodial parent (NCP) was still working for the employer identified by the NDNH. The fact that nearly two-thirds of the matches provided the NCP’s current employer is particularly noteworthy, given the fact that the more mobile individuals that the NDNH is intended to locate sometimes do not work for a particular employer for more than a short time.

The survey revealed that 98% of the employers were not on Texas’ automated statewide system, the Texas Child Support Enforcement System, because employers returned from NDNH were located in other states. The results of the study underscore the NDNH’s role as a reliable provider of new, accurate, and valuable information, particularly in interstate cases. Texas has reported that over a six-month period, using new hire data and automated income withholdings, the state increased collections by over $68.9 million—34% of which came in cases in which money had been received during the previous two months.

The Texas study demonstrates that NDNH data are valuable, timely and, if used effectively, can produce dramatic results in a short time.

The accuracy of the data on the NDNH is, in general, very high. OCSE recognizes the importance of data quality in the NDNH. OCSE continues to use outreach and education, such as quarterly conference calls with states and reports to states on the accuracy of their submissions. OCSE monitors “reject” and “error” files and works with states to resolve any issues identified in them. OCSE also conducted a pilot project with SSA to provide feedback to employers if SSNs reported were not accurate. OCSE and SSA are currently analyzing the costs and benefits of pursuing this project on a national level. OCSE intends to continue on-going data tracking, analysis, and follow-up to ensure that the quality remains high and improves, where possible.

Due to the sensitivity of the data, the Act requires the Secretary of DHHS to protect the integrity of the data maintained in the NDNH. Sections 453 (l) and (m) detail the Secretary’s responsibilities. OCSE has complied with this requirement in part by developing and implementing a security plan that protects the integrity and confidentiality of the data. The security plan restricts access and disclosure to persons as authorized in the statute, provides system controls, requires monitored access, and promotes security training. The Act also details the administrative, civil and criminal penalties for security violations.

To safeguard the data and to ensure privacy, sections 453(l) and (m) of the Act restrict access to NDNH data to authorized persons and authorized purposes, as delineated in the Act. These include certain persons for child support, custody and visitation purposes, certain persons for title IV (of the Act) purposes, the Social Security Administration for verification and other purposes, the Internal Revenue Service for certain purposes having to do with the Earned Income Tax Credit program, certain researchers for purposes contributing to the Temporary Aid to Needy Families (IV-A) or Child Support (IV-D) programs, and (as added by Public Law 106-113) the Department of Education (ED) for purposes of collection of defaulted student loans. The enabling legislation contained a number of specific safeguarding provisions to protect the privacy of the matched data.

In addition, the NDNH is a system of records under the Privacy Act, so all recipients of information must comply with administrative, technical and physical safeguards for the records matched and the results of the matching program. [See 5 U.S.C. 552a]. Any time access is granted to one of the statutorily-approved outside agencies, that agency is required to sign a Memorandum of Understanding (MOU). The MOUs include security provisions for the administrative, physical and technical safeguarding of NDNH data by the outside agencies.

Under 45 CFR 303.70, all requests for information from the FPLS, including the NDNH, (other than specific Federal agency matches as mentioned above) must come through the State Parent Locator Services (except for U.S. prosecutors in parental kidnapping cases), which adds an additional layer of screening before the information can be released. In addition, Section 453(b)(2) of the Social Security Act requires specific safeguards to prevent the disclosure of information in cases in which domestic violence or child abuse is indicated and disclosure could be harmful to the parent or child, or disclosure could contravene national policy or security interests, or to protect the confidentiality of census data.

Ensuring the security of sensitive data is a top priority for OCSE, and strict measures have been taken in the development, ongoing implementation, and maintenance of the system. The entities responsible for operation and maintenance of the NDNH must implement and follow strict security measures. The entities are as follows:

State and local Child Support Enforcement agencies (CSEs) submit locate requests to the FPLS for crossmatching with NDNH data. If there is a match, NDNH returns data to the CSE.

In addition, the NDNH crossmatches with a database of state case information and returns matches on appropriate individuals. Each state has its own laws that protect the security of the data. In addition, states are bound by Federal laws that protect the NDNH data.

States are required to conduct periodic informal risk analyses to measure state CSE systems' vulnerability to fraud or theft, loss of data, physical destruction, unauthorized access, intrusion and harm to agency activities. Risk analyses also take place whenever a significant change to the systems' physical security, hardware, or operating system occurs. In addition, Section 454 (26) of the Social Security Act requires that all state IV-D plans include safeguards to protect confidential data, and Section 454A of the Act has requirements for appropriate statewide automated systems security. A state cannot participate in the NDNH match, or receive TANF block grant funds, without having an approved state IV-D plan.

State CSE agencies have been operating CSE systems for many years. States deal with very sensitive and personal data from all levels of government. The states follow very strict disclosure guidelines, and all states have laws that protect data confidentiality.

Personnel Security: The State System Certification Guide requires that state CSE agencies must provide security awareness training to all personnel who may have access to, or use of, confidential program data. Personnel must be informed of applicable requirements and penalties for unauthorized use or disclosure of the data. OCSE has taken an active role in working with state CSE agencies to enhance security awareness and provide training.

Technical Security: To ensure network security, states use SSA's dedicated network to transmit NDNH information to and receive NDNH information from OCSE. The State System Certification Guide includes extensive requirements for computer security including: validation and verification procedures for changes to master files and application software, recovery and re-start capabilities for application software development, using test data rather than live production data for testing, strictly limiting access to system utility programs, restricting override capability on editing problems to supervisory personnel, logging all system-generated overrides, generating record counts to validate the completeness of the data processed, and automatically writing all rejected data to a suspense file. States are required to protect against unauthorized access to computer resources and data to reduce erroneous or fraudulent activities and ensure the privacy rights of individuals. States are also required to use system controls such as passwords and blocking of data elements to prevent unauthorized access. States routinely monitor access and use of the system with audit trails and feedback mechanisms.

There are provisions under the Act for access to NDNH data by other Federal agencies. These include the SSA for any purpose, the Secretary of the Treasury for purposes of administering the Earned Income Tax Credit program and verifying claims with respect to employment in tax returns, and (as added by Public Law 106-113) the Department of Education for purposes of collection of defaulted student loans. The enabling legislation contained a number of specific safeguarding provisions to protect the privacy of the matched data.

SSA performs two kinds of matches with the NDNH. Both are for purposes of the Supplemental Security Income (SSI) program under Title XVI of the Act. The first of the two matches is a quarterly match; the second is a “real-time” match. All of the physical, personnel, and technical security provisions discussed earlier for SSA apply to the quarterly and the real-time matches. In addition to these safeguards, SSA has implemented heightened safeguards for the real-time match. SSA, working with OCSE, specifically designed the system to include an anti-browsing tool for access to the NDNH. Employees cannot access their own records, or records in the “celebrity file,” and employees have the minimum access necessary to perform job duties. SSA cannot modify, manipulate, add to or delete data from the OCSE database. SSA is limited to “reading” data from NDNH only if there is a SSI entitlement or eligibility issue and there are wages, UI or W4 data in the NDNH. The read-only query has an audit trail, which provides for the collection and storage of audit trail data in the security Audit Trail System (ATS). ATS access is limited to SSA Security Officers.

IRS has not requested NDNH information.

The Department of Education sends a file of delinquent debtors to OCSE for matching against the NDNH on a quarterly basis. These debtors are compared with the NDNH, and matched individuals are returned. ED then screens out the individuals who earn over $16,000 per year. These individuals are sent back to the guaranty agencies for further enforcement action. Information is independently verified before any action is taken against the debtor. ED restricts access to the information contained in the NDNH records to those personnel whose official duties require use of the data. ED has developed a security plan that comports with the requirements of the MOU, which include a security agreement to be signed by each guaranty agency as a condition to the receipt of NDNH data from ED. These safeguards are consistent with the security requirements contained in the HHS Automated Information Systems Security Programs Handbook. ED provides written notice to personnel who have access to the NDNH data of the confidential nature of the data, the safeguards required to protect the NDNH data, and the civil and criminal sanctions for noncompliance in the appropriate Federal statutes, including subsection (i) of the Privacy Act, 5 U.S.C. 552a (i). All NDNH records are stored in an area that is physically safe from access by unauthorized persons during duty hours as well as non8209duty hours or when not in use.

Finally, the Secretary may provide access to the NDNH for research purposes found by the Secretary to be likely to contribute to achieving the purposes of Title IV-A (Temporary Aid to Needy Families) or Title IV-D, but without personal identifiers. Such matches require a MOU, which includes appropriate provisions for safeguarding and security of the data.