Effective Date: August 8, 2010

(71 F.R. 16397)

 

SOCIAL SECURITY ADMINISTRATION NOTICE OF SYSTEM OF RECORDS REQUIRED BY THE PRIVACY ACT OF 1974

 

System number:  60-0372

 

System name: 

 

Economic Recovery List (ERL) Database, Social Security Administration

 

Security classification: 

 

None.

 

System location: 

 

Social Security Administration

Office of Retirement and Survivors Insurance Systems

6401 Security Boulevard

Baltimore, Maryland 21235

 

 

Categories of individuals covered by the system: 

 

          Persons receiving benefits under Title II and XVI of the Social Security Act, as well as those covered by the Railroad Retirement Board (RRB) and the Department of Veterans Affairs, Veterans Benefits Administration (VBA).  Executors or other persons qualified to receive a decedent’s payment in the event that, between when a person is determined eligible and issuance of the payment, that person has died.

 

Categories of records in the system: 

 

          This system will contain information regarding the payees and payments made under provisions of the American Recovery and Reinvestment Act of 2009 (ARRA) or other similar legislation.  For Title II and Title XVI beneficiaries, this system will contain the person’s Social Security number (SSN), claim account number, beneficiary identification code, reason for non-payment, and post-payment information such as DOT Offset Payment (TOP), returned payment, returned payment, non-receipt claims, reclamation claims, limited payability data, and the name of an executor or other person qualified to receive payment, tax identification number, and mailing address for reissuance of payment to the estate of the deceased if, between the determination that a person is eligible and the issuance of payment that person has died.  For payments made by RRB and VBA, the system will contain the person’s SSN. For all payments the system will contain the agency that qualified the person to receive the payment.

 

Authority for maintenance of the system: 

 

Title II, Section 2201, Subtitle C of the ARRA.

 

Purpose(s): 

 

We will use data in this system to determine persons eligible for a one-time payment under the ARRA, or any subsequent payments authorized under an amendment to or legislation similar to the ARRA, and to prevent duplicate payments to those who qualify under more than one criterion.

 

Routine uses of records maintained in the system, including categories of users and the purpose of such uses: 

 

Disclosure may be made for routine uses as indicated below:

 

1.       To the Department of the Treasury to prepare checks or payments it will send to those persons eligible for the one-time payment, or similar payments subsequently authorized under the ARRA or other legislation.

 

2.       To the Department of the Treasury to allow the Department to recover debts to the Federal government under the Treasury Offset Program.

 

3.       To the Internal Revenue Service to allow for administration of the Make Work Pay credit.

 

4.       To the Office of the President in response to an inquiry from that office made at the request of the subject of the record or a third party on that person’s behalf.

 

5.       To a congressional office in response to an inquiry from that office made at the request of the subject of a record or a third party on that person’s behalf.

 

6.       To the Department of Justice (DOJ), a court, other tribunal, or another party before such court or tribunal when:

 

a)           The agency or any of our components; or

 

b)           Any agency employee in his or her official capacity; or

 

c)            Any agency employee in his or her individual capacity when DOJ (or the agency when we are authorized to do so) has agreed to represent the employee; or

 

d)           the United States or any agency thereof when we determine that the litigation is likely to affect our operations or any of its components,

 

is party to the litigation or has an interest in such litigation, and we determine that the use of such records by DOJ, a court, other tribunal, or another party before such court or tribunal is relevant and necessary to the litigation.  In each case, however, we must determine that such disclosure is compatible with the purpose for which we collected the records.

 

7.       To our contractors and other Federal agencies, as necessary, to assist us in efficiently administering our programs.

 

8.       To student volunteers, persons working under a personal services contract, and others  who are not technically Federal employees, when they are performing work for us as authorized by law, and they need access to information in our records in order to perform their assigned agency duties.

 

9.       To the Railroad Retirement Board and Department of Veterans Affairs, Veterans Benefits Administration, to identify persons who qualify for a payment as a beneficiary from more than one agency.

 

10.    To the appropriate Federal, State, and local agencies, entities, and persons when:

 

a)           we suspect or confirm that the security or confidentiality of information in this system of records has been compromised;

 

b)           we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, risk of identity theft or fraud, or harm to the security or integrity of this system or our other systems or programs that rely upon the compromised information; and

 

 

c)            we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.  We will use this routine use to respond only to those incidents involving an unintentional release of our records.

 

11.    To Federal, State, and local law enforcement agencies and private security contractors, as appropriate, information necessary:

 

a)           to enable them to ensure the safety of our employees and customers, the security of our workplace, and the operation of our facilities; or

 

b)           to assist investigations or prosecutions with respect to activities that affect such safety, security, or activities that disrupt the operation of our facilities.

 

12.    To the General Services Administration and the National Archives and Records   Administration (NARA) under 44 U.S.C. §§ 2904 and 2906, as amended by the NARA Act, information that is not restricted from disclosure by Federal law for their use in conducting records management studies.

 

 

Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:

 

Storage: 

 

We maintain and store records in this system in electronic form.

 

Retrievability: 

 

We retrieve records by beneficiary Social Security number, claim account number, or beneficiary identification code.

 

Safeguards: 

 

We retain electronic files with personal identifiers in secure storage areas accessible only to our authorized employees and contractors who have a need for the information when performing their official duties.  Security measures include the use of access codes (personal identification number (PIN) and password) to enter our computer systems that house the data.

 

We annually provide all our employees and contractors with appropriate security awareness and training that includes reminders about the need to protect personally identifiable information and the criminal penalties that apply to unauthorized access to, or disclosure of, personally identifiable information (5 U.S.C. § 552a(i)(l)).  Furthermore, employees and contractors with access to databases maintaining personally identifiable information must sign a sanction document annually, acknowledging their accountability for inappropriately accessing or disclosing such information.

 

Retention and disposal: 

 

We maintain records in SSA headquarters within the Office of Retirement and Survivors Insurance Systems.  We will maintain these records for seven years, pending application of an appropriate General Records Schedule, or approval by NARA, of the proposed retention.

 

System manager and address: 

 

Project Manager

Office of Retirement and Survivors Insurance Systems

Social Security Administration

6401 Security Boulevard

Baltimore, Maryland 21235-6401

 

Notification procedure: 

 

Persons can determine if this system contains a record about them by writing to the system manager at the above address and providing their name, SSN, or other information in this system of records that will identify them.  Persons requesting notification by mail must include a notarized statement to us to verify their identity or must certify in the request that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense.

 

Persons requesting notification of records in person must provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver's license.  Persons lacking identification documents sufficient to establish their identity must certify in writing that they are the person they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another person under false pretenses is a criminal offense.

 

Persons requesting notification by telephone must verify their identity by providing identifying information that parallels the information in the record about which they are requesting notification.  If we determine that the identifying information the person provides by telephone is insufficient, we will require the person to submit a request in writing or in person.  If a person requests information by telephone on behalf of another person, the subject person must be on the telephone with the requesting person and us in the same phone call.  We will establish the subject person’s identity (his or her name, SSN, address, date of birth, and place of birth, along with one other piece of information such as mother's maiden name) and ask for his or her consent to provide information to the requesting person.  These procedures are in accordance with our regulations at 20 C.F.R. §§ 401.40 and 401.45.

 

Record access procedures: 

 

Same as notification procedures.  Persons also should reasonably specify the record contents they are seeking.  These procedures are in accordance with our regulations (20 C.F.R. § 401.40(c)).

 

Contesting record procedures: 

 

Same as notification procedures.  Persons also should reasonably identify the record, specify the information they are contesting, and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is incomplete, untimely, inaccurate, or irrelevant.  These procedures are in accordance with our regulations (20 C.F.R. § 401.65(a)).

 

Record source categories: 

 

We obtain data covered by this system of records from information in our existing systems of records (e.g., the Master Beneficiary Record, 60‑0090 and Supplemental Security Income Record and Special Veterans Benefits, 60-0103), as well as from systems of records of the Railroad Retirement Board and Veterans Benefits Administration. We may also obtain data from an executor or other person qualified to receive a decedent’s payment in the event that, between when a person is determined eligible and the issuance of payment, that person has died.

 

Systems exempt from certain provisions of the Privacy Act:

 

None.