Effective Date: December 23, 2007
72 F.R. 71470.
SOCIAL SECURITY ADMINISTRATION NOTICE OF SYSTEM OF RECORDS REQUIRED BY THE
PRIVACY ACT OF 1974
System number:
60-0350
System
name:
Visitor
Intake Process/Customer Service Record (VIP/CSR) System.
Security classification:
None.
System location:
Social
Security Administration
Office
of Systems
Categories
of individuals covered by the system:
This system covers visitors to the Social Security Administration (SSA) field offices (FO) for various purposes (see ‘‘Purpose(s)’’ section below); individuals who have threatened an act of violence, commit, or attempt to commit, a violent crime against an SSA employee, a visitor to any SSA office conducting business or another individual accompanying such visitor, or to any SSA office; and SSA beneficiaries, claimants, attorney or non-attorney representatives, or representative payees who commit, or attempt to commit, a violent crime, have an outstanding arrest warrant, and who we reasonably believe will attempt to contact one of our facilities to conduct program business.
Categories
of records in the system:
This system contains the following information about each visitor:
(1) Visitor information, such as Social Security number, full name and date of birth, when such information is provided by the visitor;
(2) Visitor information, such as the time the visitor entered and left the office, an assigned group number, number of interviews associated with the visit and remarks associated with the visit;
(3) Appointment information, such as date and time of appointment, source of appointment and appointment unit number (unit establishing appointment);
(4) Notice information, such as close-out notice type (e.g., title II 6-month closeout letter, title XVI SSA–L991) and close-out notice date/time when sent;
(5) Interview information, such as each occurrence, subject of interview, estimated waiting time, preferred language, type of translator, the number of the interview in the queue, interview disposition (e.g., completed, deleted, left without service), interview priority, start and ending time and name of interviewer;
(6) SSN, full name and relationship to claimant or beneficiary, when such information is provided;
(7) ‘‘High Risk’’ alert information about individuals who take action, or threaten to take action, that affects the security and safety of our employees, security guards, visitors, facilities, or records; i.e., personal information about the visitor such as name, SSN, date of birth, specific nature of the threat or act of violence, the date, time, and location of the threat or act of violence;
(8) Source of the report from the SSA– 3114–U4; and
(9) ‘‘High Risk’’ alert information about beneficiaries, claimants, attorney or non-attorney representatives, or representative payees who commit, or attempt to commit, a violent crime, have an outstanding arrest warrant, and who we reasonably believe will attempt to contact one of our facilities to conduct program business; i.e., personal information about the individuals such as name, SSN, date of birth, information pertaining to the specific nature of the crime, and the date, time, and location of the crime.
Authority
for maintenance of the system:
Sections 222, 223, 225, 1611, 1615, 1631 and 1633 of the Social Security Act (42 U.S.C. 422, 423, 425, 1382, 1382d, 1383 and 1383b); the Federal Records Act of 1950 (Pub. L. 81–754, 64 Stat. 583), as amended.
Purpose(s):
Information in VIP/CSR System is used to:
The information
collected from visitors to SSA FOs will be used for filing claims for benefits
under title II, transacting post-entitlement actions if currently entitled to
benefits under title II, filing claims for benefits under title XVI, transacting
post-eligibility actions if currently eligible for benefits under title XVI,
obtaining an SSN, transacting other actions related to a SSN, or other actions
or queries that may require an interview at SSA.
The information collected from the ‘‘High Risk’’ alert will be used to advise
the intake employees at any SSA office of the potential security risk and to use
extra caution when dealing with the individual who is before them and/or who has
scheduled an appointment. The ‘‘High Risk’’ alert will include personal
information about the visitor such as name, SSN, date of birth, specific nature
of the threat or act of violence, and the date, time, and location of the threat
or act of violence.
Routine uses of records maintained in the system, including categories of
users and the purpose of such uses:
Disclosures may be made for routine uses as indicated below.
1. To the Office of the President for the purpose of responding to an individual pursuant to an inquiry received from that individual or from a third party on his or her behalf.
2. To a congressional office in response to an inquiry from that office made at the request of the subject of a record.
3. To the Department of Justice (DOJ), a court, or other tribunal, or other party before such tribunal when:
(a) The Social Security Administration (SSA), or any component thereof, or
(b) Any SSA employee in his or her official capacity; or
(c) Any SSA employee in his or her individual capacity where DOJ (or SSA where it is authorized to do so) has agreed to represent the employee; or
(d) The United States, or any agency thereof, where SSA determines that the litigation is likely to affect the operations of SSA or any of its components is party to litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, a court, or other tribunal is relevant and necessary to the litigation, provided, however, that in each case, SSA determines that such disclosure is compatible with the purpose for which the records were collected.
4. To contractors and other Federal agencies, as necessary, to assist the Social Security Administration in the efficient administration of its programs.
5. To student volunteers, individuals working under a personal services contract, and other individuals performing functions for the Social Security Administration, but technically not having the status of Agency employees, if they need access to the records in order to perform their assigned Agency functions.
6. To the General Services Administration and National Archives and Records Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by the NARA Act of 1984, information that is not restricted from disclosure by Federal law for the use of those agencies in conducting records management studies.
7. To Federal, State, and local law enforcement agencies and private security contractors as appropriate, information necessary:
(a) To enable
them to protect the safety of Social Security Administration (SSA) employees and
customers, the
security of the SSA workplace and the operation of SSA facilities, or
(b) To assist investigations or prosecutions with respect to activities that affect such safety and security or activities that disrupts the operation of SSA facilities.
8. To the appropriate law enforcement official, the Social Security Administration (SSA) may disclose information regarding a Social Security beneficiary, claimant, attorney or non-attorney representative, or representative payee who is the subject of an outstanding arrest warrant for having committed, or having attempted to commit, a violent crime for the purposes of determining whether SSA should include an individual’s information in the VIP/CSR System or remove an individual’s information from the system because he or she no longer meets the criteria (i.e., the individual is in the custody of law enforcement, is no longer a suspect or has been exonerated, or is deceased).
9.
We may disclose information to appropriate Federal, State, and local agencies,
entities, and persons when (1) we suspect or confirm that the security or
confidentiality of information in this system of records has been compromised;
(2) we determine that as a result of the suspected or confirmed compromise there
is a risk of harm to economic or property interests, identity theft or fraud, or
harm to the security or integrity of this system or other systems or programs of
SSA that rely upon the compromised information; and (3) we determine that
disclosing the information to such agencies, entities, and persons is necessary
to assist in our efforts to respond to the suspected or confirmed compromise and
prevent, minimize, or remedy such harm. SSA will use this routine use to respond
only to those incidents involving an unintentional release of its records.
Policies
and practices for storing, retrieving, accessing, retaining and disposing of
records in the system:
Storage:
Records in this system are maintained in both electronic and paper form (e.g., magnetic tape and disc and microfilm).
Retrievability:
Records in this system will be retrieved by the individual’s SSN and/ or name.
Safeguards:
Security measures include the use of access codes to enter in the computer system, which will maintain the data and storage of the computerized records in secured areas that are accessible only to employees who require the information in performing their official duties. SSA employees who have access to the data will be informed of the criminal penalties of the Privacy Act for unauthorized access to or disclosure of information maintained in the system. See 5 U.S.C. 552a(i)(1).
Contractor personnel and/or alternate participants having access to data in the system of records will be required to adhere to SSA rules concerning safeguards, access and use of the data.
Retention
and disposal:
Records in the Visitor Intake Process/ Customer Service Record (VIP/CSR) System ‘‘High Risk’’ file will be retained for five years in accordance with Section E of NC–47–76–12. The means of disposal of the information in the Visitor Intake Process/Customer Service Record (VIP/CSR) System ‘‘High Risk’’ file will be appropriate to the storage medium (e.g., deletion of individual electronic records or shredding of paper records). Additionally, management officials will have the ability to delete records from the ‘‘High Risk’’ file electronic database.
System
manager(s) and address(es):
Deputy Commissioner
Office of Systems
Social Security Administration
Notification
procedure(s):
An individual can determine if this system contains a record about him or her by writing to the system manager(s) at the above address and providing his or her name, SSN, or other information that may be in the system of records that will identify him or her. An individual requesting notification of records in person should provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver’s license. If an individual does not have identification documents sufficient to establish his or her identity, the individual must certify in writing that he or she is the person claimed to be and that he or she understands that knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.
If notification is requested by telephone, an individual must verify his or her identity by providing identifying information that parallels the record to which notification is being requested. If it is determined the identifying information provided by telephone is insufficient, the individual will be required to submit a request in writing or in person. If an individual is requesting information by telephone on behalf of another individual, the subject individual must be connected with SSA and the requesting individual in the same phone call. SSA will establish the subject individual’s identity (his or her name, SSN, address, date of birth and place of birth, along with one other piece of information such as mother’s maiden name), and ask for his or her consent in providing information to the requesting individual.
If a request for notification is submitted by mail, an individual must include a notarized statement to SSA to verify his or her identity or must certify in the request that he or she is the person claimed to be and that he or she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense. These procedures are in accordance with SSA Regulations (20 CFR 401.40).
Record
access procedure(s):
Same as Notification procedure(s). Requesters also should reasonably specify the record contents they are seeking. These procedures are in accordance with SSA Regulations (20 CFR 401.40).
Contesting
record procedure(s):
Same as Notification procedures. Requesters also should reasonably identify the record, specify the information they are contesting, and state the corrective action sought, and the reasons for the correction, with supporting justification showing how the record is untimely, incomplete, inaccurate or irrelevant. These procedures are in accordance with SSA Regulations (20 CFR 401.65).
Record
source categories:
Information in this system of records is obtained from information collected from individuals interviewed in person in SSA FOs, from existing systems of records, such as the Claims Folders System, 60–0089; Master Beneficiary Record, 60–0090, Supplemental Security Income Record and Special Veterans Benefits, 60–0103; from information generated by SSA, such as computer date/time stamps at various points in the interview process; and from law enforcement.
Systems
exempt from certain provisions of the Privacy Act:
None.