[Congressional Record Volume 154, Number 111 (Tuesday, July 8, 2008)]
[Senate]
[Page S6430]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]


[[Page S6430]]
                       IDENTIFYING BENEFICIARIES

  Mr. DURBIN. Mr. President, the inspector general of the Social 
Security Administration recently issued a report taking the Centers for 
Medicare and Medicaid Services to task for its failure to take steps to 
implement the inspector general's recommendation that the agency stop 
using Social Security numbers as a beneficiary identifier. I support 
the inspector general's efforts and would like to bring this issue to 
the attention of my colleagues.
  Social Security numbers were originally created to administer the 
Social Security Program. Over time, the public and private sectors 
began to use Social Security numbers for a variety of other purposes.
  Use of Social Security numbers is a convenient method to identify 
individuals. But wide-spread use of Social Security numbers also 
increases the risk of identity theft and fraud. In 2006, the Federal 
Trade Commission reported that more than 8 million Americans were 
victims of identity theft in the prior year.
  Identity thieves can obtain an individual's personal information by 
stealing mail or a wallet or rummaging through your trash. That 
personal information can be used to obtain a credit card in your name, 
write bad checks from a bank account created in your name, or authorize 
the electronic transfer of funds from your bank account to a different 
account.
  A Social Security number is a key piece of information used in 
identity thefts. Recognizing this threat, many public and private 
entities have taken steps to limit the use and display of Social 
Security numbers.
  Last year, the Office of Management and Budget called on Federal 
agencies to safeguard personally identifiable information. It required 
agencies to establish plans to eliminate unnecessary collection and use 
of Social Security numbers and to explore alternatives to Social 
Security numbers.
  A number of Federal agencies are reducing the use of Social Security 
numbers. The Department of Veterans Affairs no longer displays Social 
Security numbers on new veteran identification cards. The Department of 
Defense is issuing health cards that no longer display Social Security 
numbers. And the Office of Personnel Management has directed health 
insurers participating in the Federal Employees Health Benefit Program 
to eliminate Social Security numbers from insurance cards.
  Unfortunately, the Centers for Medicare and Medicaid Services 
continues to display Social Security numbers on Medicare identification 
cards. Consumers Union and others have noted this practice needlessly 
places Medicare beneficiaries at risk for identity theft.
  The Social Security Administration urges people not to carry their 
Social Security cards with them in order to protect against theft. But 
Medicare beneficiaries are instructed to carry their Medicare 
identification cards with them--cards with the very same Social 
Security number on them. Why would CMS increase senior citizens' 
vulnerability to identity theft?
  I first raised this concern in 2005 and successfully offered an 
amendment to the Senate version of the fiscal year 2006 Labor-HHS-
Education appropriations bill to require CMS to provide a report to 
Congress outlining a plan to move away from using Social Security 
numbers on Medicare identification cards.
  CMS prepared a report and provided estimates of the cost and time it 
would take to switch to an identification system other than Social 
Security numbers. But it has failed to implement that plan.
  Last month, the inspector general of the Social Security 
Administration issued a report that examined how CMS is responding to 
an IG recommendation in 2006 to remove Social Security numbers from 
Medicare cards. The inspector general found that CMS has not done 
anything beyond preparing the report to Congress.
  The inspector general made his position clear. The report states:

       Given the millions of individuals at risk for identity 
     theft and OMB's directive to eliminate unnecessary uses of 
     [Social Security numbers], we believe immediate action is 
     needed to address this significant vulnerability.

  The report also declares:

       We do not believe a Federal agency should place more value 
     on convenience than the security of its beneficiaries' 
     personal information.

  It is very disappointing that CMS is not taking recommended steps to 
protect Medicare beneficiaries from identity theft.
  Private health insurers have moved away from using Social Security 
numbers. Other Federal agencies have too. It is time for CMS to do the 
same.

                          ____________________