[Federal Register Volume 70, Number 197 (Thursday, October 13, 2005)]
[Notices]
[Pages 59794-59798]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-20503]


-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION


Privacy Act of 1974, as Amended; Alterations to Existing System 
of Records and New Routine Use Disclosure

AGENCY: Social Security Administration (SSA).

ACTION: Altered System of Records and Proposed New Routine Use.

-----------------------------------------------------------------------

[[Page 59795]]

SUMMARY: In accordance with the Privacy Act (5 U.S.C. 552a(e)(4) and 
(e)(11)), we are issuing public notice of our intent to alter an 
existing system of records entitled the Visitor Intake Process/Customer 
Service Record (VIP/CSR) System, 60-0350. The proposed alterations will 
result in the following changes to the VIP/CSR system of records:
    (1) Expansion of the categories of individuals covered by the VIP/
CSR system of records to include individuals who visit any SSA office 
or who may contact any SSA office by telephone and/or by e-mail and who 
attempt or commit a violent act or make threats of violence towards an 
SSA employee, any individual visiting an SSA office conducting 
business, or any SSA office; and recording identifying information 
about the individual within the Visitor Intake Process/Customer Service 
Record (VIP/CSR) system.
    (2) Expansion of the categories of records maintained in the VIP/
CSR system of records to include identifying information about the new 
category of individuals that will be maintained in the VIP/CSR system 
of records, and a ``High Risk'' alert indicator based on type of threat 
or act of violence perpetrated by the individual.
    (3) Expansion of the purposes for which SSA uses information 
maintained in the VIP/CSR system of records to include use of the 
system to alert employees in a Social Security office when an 
individual attempted or committed a violent act or made threats of 
violence towards an SSA employee, any individual visiting an SSA office 
conducting business, or any SSA office ; and
    (4) A proposed new routine use disclosure applicable to information 
in the VIP/CSR system of records providing for the release of 
information to law enforcement agencies and private security 
contractors to protect the safety of SSA employees and customers, the 
security of the SSA workplace and the operation of SSA facilities, or 
to assist investigations or prosecutions with respect to activities 
that affect such safety and security or activities that disrupts the 
operation of SSA facilities.
    All of the proposed alterations are discussed in the Supplementary 
Information section below. We invite public comment on this proposal.

DATES: We filed a report of the proposed new routine use disclosures 
with the Chairman of the Senate Committee on Homeland Security and 
Governmental Affairs, the Chairman of the House Committee on Government 
Reform, and the Director, Office of Information and Regulatory Affairs, 
Office of Management and Budget (OMB) on October 3, 2005. The proposed 
altered system of records, including the proposed new routine use 
respective to the system, will become effective on November 12, 2005, 
unless we receive comments warranting them not to become effective.

ADDRESSES: Interested individuals may comment on this publication by 
writing to the Deputy Executive Director, Office of Public Disclosure, 
Office of the General Counsel, Social Security Administration, Room 3-
A-6 Operations Building, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401. All comments received will be available for public 
inspection at the above address.

FOR FURTHER INFORMATION: Contact Earlene Whitworth Hill, Social 
Insurance Specialist, Office of Public Disclosure, Office of the 
General Counsel, Social Security Administration, in Room 3-A-6 
Operations Building, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401, telephone at (410) 965-1817, e-mail: 
[email protected].

SUPPLEMENTARY INFORMATION:

I. Background and Purpose of the Proposed Alterations to the VIP/CSR 
System of Records

A. General Background

    SSA originally published a notice of the VIP/CSR system of records 
in the Federal Register at 67 FR 63489, October 11, 2002. SSA uses 
information in the VIP/CSR system of records for management information 
and administrative purposes, such as tracking scheduled appointments 
and monitoring visitor information, and for programmatic purposes 
associated with individuals' claims for benefits under programs 
administered by SSA. We are making several alterations to the VIP/CSR 
system of records as discussed below.

B. Discussion of Proposed Alterations to the VIP/CSR System of Records

    SSA provides a variety of services to the general public in 
connection with various programs under the Social Security Act. This 
involves personal interaction between SSA employees and the public on 
many occasions. At times, individuals with whom SSA employees must 
interact make threats or commit acts of violence against SSA employees. 
On these occasions, appropriate measures are employed to ensure the 
safety of our employees and the public. These measures include using 
security guards to maintain order in Social Security offices and 
contacting law enforcement officials, as necessary.
    However, we have never had a reliable means of ensuring that our 
employees in one office would have knowledge of an incident involving 
an individual in another office. We are developing a ``High Risk'' 
alert to assist in protecting the safety of our employees, individuals 
conducting business with SSA and other individuals accompanying such 
individuals, and SSA facilities. We are proposing to implement the 
``High Risk'' alert by making alterations to the VIP/CSR system of 
records to allow the electronic maintenance of the ``High Risk'' alert 
indicator as a part of the VIP/CSR system of records. This will enable 
SSA employees at any SSA office to be aware of the potential security 
risks and to use extra caution when dealing with an individual who is 
identified in the VIP/CSR system of records as having made a threat or 
committed an act of violence against an SSA employee, a member of the 
public conducting business at an SSA facility, or an SSA facility. The 
specific changes to the VIP/CSR system of records are discussed below.
1. Expansion of the Categories of Individuals Covered by the VIP/CSR 
System of Records
    We are adding a new category of individuals to the VIP/CSR system 
of records to include information about individuals who contact any SSA 
office in person, by telephone, or by mail and make a threat, or commit 
an act of violence, against an SSA employee, individuals conducting 
business with SSA or other individuals accompanying such individuals, 
or any SSA office.
2. Expansion of the Categories of Records Maintained in the VIP/CSR 
System of Records
    We are expanding the categories of records covered by the VIP/CSR 
system of records to include the following ``High Risk'' alert 
information about an individual who makes a threat or commits an act of 
violence against an SSA employee, individuals conducting business with 
SSA or other individuals accompanying such individuals, or any SSA 
office:
     Identifying information such as the individual's name and/
or Social Security number, and date of birth;
     Information pertaining to the specific nature of the 
threat or act of violence; and
     Information pertaining to the date and time, and the 
location of the threat or act of violence.

[[Page 59796]]

3. Expansion of the Purpose(s) of the VIP/CSR System of Records
    We are expanding the purposes for which we use the information 
maintained in the VIP/CSR system to include a ``High Risk'' alert. The 
alert information will assist SSA employees in identifying individuals 
who have threatened an act of violence or who have committed an act of 
violence against an SSA employee, a visitor to any SSA office, or any 
SSA office.

II. Proposed New Routine Use Disclosure of Data Maintained in the VIP/
CSR System of Records

A. Establishment of New Routine Use

    We are proposing to establish a new routine use which allows 
disclosure of information maintained in the Visitor Intake Process/
Customer Service Record system to law enforcement agencies and private 
security contractors.
    Federal, State, and local law enforcement agencies, and private 
security contractors, have responsibility for preventing, handling, 
monitoring and investigating incidents that affect the safety and 
security of SSA employees, customers, and workplaces, or otherwise 
disrupt SSA operations. Prosecution of persons involved in these 
activities for violation of Federal or local laws may also be 
appropriate. SSA managers of most SSA leased facilities have to rely 
primarily on local law enforcement authorities and private security 
contractors to meet the protective security needs of customers, 
employees and workplaces.
    The new routine use in the VIP/CSR system of records, numbered 7, 
provides for disclosure of information:
    To Federal, State, and local law enforcement agencies and private 
security contractors, as appropriate, information necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace and the operation of SSA 
facilities, or
    (b) To assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupts the operation of SSA facilities.

B. Compatibility of Proposed New Routine Use Disclosure

    The Privacy Act (5 U.S.C. 552a(a)(7) and (b)(3)) and SSA's 
disclosure regulation (20 CFR part 401) permit us to disclose 
information under a published routine use for a purpose that is 
compatible with the purpose for which we collected the information. 
Section 401.150(c) of the regulation permits us to disclose information 
under a routine use, where necessary, to carry out SSA programs or 
assist other agencies in administering similar programs. In order for 
SSA to carry out its programs, it must ensure that its places of 
business are safe and secure for both customers and employees, that 
premises and property are safe from theft and damages, that employees 
can perform their duties without fear of intimidation or injury, and 
that SSA can prevent and appropriately deal with disruptions in the 
operation of its facilities. In so far as disclosure to law enforcement 
agencies and private security contractors will help to accomplish these 
objectives, the disclosures are an integral part of our program 
administration responsibilities. Thus, the proposed new routine use 
disclosure is appropriate and meets the relevant statutory and 
regulatory criteria.

III. Effect of the Proposed Alterations to the VIP/CSR System of 
Records

    The proposed alterations and new routine use disclosure to the 
Visitor Intake Process/Customer Service Record (VIP/CSR) System pertain 
to SSA's responsibilities in collecting, maintaining, and disclosing 
information about individuals who have threatened an act of violence 
and/or who have committed an act of violence against an SSA employee, a 
visitor to any SSA office, and to any SSA office. We will adhere to all 
applicable statutory requirements, including those under the Social 
Security Act and the Privacy Act, in carrying out our responsibilities. 
Therefore, we do not anticipate that the proposed alterations and new 
routine use disclosure will have an unwarranted adverse effect on the 
right of individuals.

    Dated: October 3, 2005.
Jo Anne B. Barnhart,
Commissioner.
SYSTEM NUMBER: 60-0350.

System name:
    Visitor Intake Process/Customer Service Record (VIP/CSR) System.

Security classification:
    None.

System location:
    Social Security Administration, Office of Systems, 6401 Security 
Boulevard, Baltimore, Maryland 21235.

Categories of individuals covered by the system:
    This system covers visitors to the Social Security Administration 
(SSA) field offices (FOs) for various purposes (see ``Purpose(s)'' 
section below) and individuals who have threatened an act of violence 
or have committed an act of violence against an SSA employee, a visitor 
to any SSA office conducting business or another individual 
accompanying such visitor, or to any SSA office.

Categories of records in the system:
    This system contains the following information about each visitor: 
(1) Visitor information such as Social Security number (SSN), full name 
and date of birth, when such information is provided by the visitor; 
(2) visit information such as the time visitor entered and left the 
office, an assigned group number, number of interviews associated with 
the visit and remarks associated with the visit; (3) appointment 
information such as date/time of appointment, source of appointment and 
appointment unit number (unit establishing appointment); (4) notice 
information such as close-out notice type (e.g., title II 6-month 
closeout letter, title XVI SSA-L991) and close-out notice date/time 
when sent; (5) interview information such as each occurrence, subject 
of interview, estimated waiting time, preferred language, type of 
translator, number of interview in queue, interview disposition (e.g., 
completed, deleted, left without service), interview priority, start 
and ending time and name of interviewer; (6) SSN, full name and 
relationship to claimant/beneficiary, when such information is 
provided; (7) ``High Risk'' alert information; i.e., personal 
information about the visitor such as name, SSN, date of birth, 
specific nature of the threat or act of violence, the date and time, 
and the location of the threat or act of violence; and (8) source of 
the report from the SSA-3114-U4.

Authority for maintenance of the system:
    Sections 222, 223, 225, 1611, 1615, 1631 and 1633 of the Social 
Security Act (42 U.S.C. 422, 423, 425, 1382, 1382d, 1383 and 1383b); 
the Federal Records Act of 1950 (Pub. L. 81-754, 64 Stat. 583), as 
amended.

Purpose(s):
    Information in this system will be used to:
     Provide a means of collecting waiting time data on all in-
office interviews in SSA FOs;
     Provide management information on other aspects of all in-
office interviews in SSA FOs;
     Provide a source for customer service record data 
collection for such interviews, and
     Capture discrete data about the volume and nature of 
inquiries to

[[Page 59797]]

support management decisions in the areas of process improvement and 
resource allocation.
     Provide a means of collecting information about 
individuals who have threatened an act of violence and/or have 
committed an act of violence against an SSA employee, or a visitor to 
any SSA office conducting business, and/or to any SSA office.
     Generate a timely ``High Risk'' alert to the intake 
employees of the possibility of an individual who possibly pose a 
security risk.
     Provide a standard approach to insuring the safety of SSA 
employees, visitors to any SSA office conducting business, and/or to 
any SSA office.
    The information collected from visitors to SSA FOs will be used for 
filing claims for benefits under title II, transacting post-entitlement 
actions if currently entitled to benefits under title II, filing claims 
for benefits under title XVI, transacting post-eligibility actions if 
currently eligible for benefits under title XVI, obtaining an SSN, 
transacting other actions related to a SSN, or other actions/queries 
that may require an interview at SSA.
    The information collected from the ``High Risk'' alert will be used 
to advise the intake employee at any SSA office of the potential 
security risk and to use extra caution when dealing with the individual 
that is before them and/or who has scheduled an appointment. The ``High 
Risk'' alert will include personal information about the visitor such 
as name, SSN, date of birth, specific nature of the threat or act of 
violence, the date and time, and the location of the threat or act of 
violence.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    Disclosures may be made for routine uses as indicated below.
    1. To the Office of the President for the purpose of responding to 
an individual pursuant to an inquiry received from that individual or 
from a third party on his or her behalf.
    2. To a congressional office in response to an inquiry from that 
office made at the request of the subject of a record.
    3. To the Department of Justice (DOJ), a court, or other tribunal, 
or other party before such tribunal when:
    (a) SSA, or any component thereof, or
    (b) Any SSA employee in his/her official capacity; or
    (c) Any SSA employee in his/her individual capacity where DOJ (or 
SSA Where it is authorized to do so) has agreed to represent the 
employee; or
    (d) The United States or any agency thereof where SSA determines 
that the litigation is likely to affect the operations of SSA or any of 
its components is party to litigation or has an interest in such 
litigation, and SSA determines that the use of such records by DOJ, a 
court, or other tribunal is relevant and necessary to the litigation, 
provided, however, that in each case, SSA determines that such 
disclosure is compatible with the purpose for which the records were 
collected.
    4. To contractors and other Federal agencies, as necessary, to 
assist SSA in the efficient administration of its programs.
    5. To student volunteers, individuals working under a personal 
services contract, and other individuals performing functions for SSA 
but technically not having the status of agency employees, if they need 
access to the records in order to perform their assigned agency 
functions.
    6. Non-tax return information which is not restricted from 
disclosure by Federal law may be disclosed to the General Services 
Administration (GSA) and the National Archives and Records 
Administration (NARA) under 44 U.S.C. 2904 and Sec.  2906, as amended 
by NARA Act of 1984, for the use of those agencies in conducting 
records management studies.
    7. To Federal, State, and local law enforcement agencies and 
private security contractors as appropriate, information necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace and the operation of SSA 
facilities, or
    (b) To assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of SSA facilities.

Policies and Practices for Storing, Retrieving, Accessing, Retaining 
and Disposing of Records in the System:
Storage:
    Records in this system are maintained in both electronic and paper 
form (e.g., magnetic tape and disc and microfilm).

Retrievability:
    Records in this system will be retrieved by the individual's SSN 
and/or name.

Safeguards:
    Security measures include the use of access codes to enter the 
computer system which will maintain the data, and storage of the 
computerized records in secured areas which are accessible only to 
employees who require the information in performing their official 
duties. SSA employees who have access to the data will be informed of 
the criminal penalties of the Privacy Act for unauthorized access to or 
disclosure of information maintained in the system. See 5 U.S.C. 
552a(i)(1).
    Contractor personnel and/or alternate participants having access to 
data in the system of records will be required to adhere to SSA rules 
concerning safeguards, access and use of the data.

Retention and disposal:
    Records in the Visitor Intake Process/Customer Service Record (VIP/
CSR) System ``High Risk'' file will be retained for three years. The 
means of disposal of the information in the Visitor Intake Process/
Customer Service Record (VIP/CSR) System ``High Risk'' file will be 
appropriate to the storage medium (e.g., deletion of individual 
electronic records or shredding of paper records). In addition, 
management officials will have the ability to delete records from the 
``High Risk'' file electronic database.
    Records in the Visitor Intake Process/Customer Service Record (VIP/
CSR) System are retained for one year when they pertain to documents 
provided by and returned to an individual, denial of requests for 
confidential information, release of confidential information to an 
authorized third party, and undeliverable material. Records are 
maintained for four years when they contain information and evidence 
pertaining to Social Security coverage, wage, and self-employment 
determinations, or when they affect future claims development. 
Additional information collected, such as waiting time information, may 
be retained for longer periods for purposes of analysis and process 
improvement, without regard to individual records.
    The means of disposal of the information in this system will be 
appropriate to the storage medium (e.g., deletion of individual 
electronic records or shredding of paper records).

system manager(s) and address(es):
    Deputy Commissioner, Office of Systems, Social Security 
Administration, 6401 Security Boulevard, Baltimore, Maryland 21235.

notification procedure(s):
    An individual can determine if this system contains a record about 
him/her by writing to the system manager(s) at the above address and 
providing his/her name, SSN, or other information that may be in the 
system of records that will identify him/her. An individual requesting 
notification of records in person should provide the same information, 
as well as provide an identity document, preferably with a

[[Page 59798]]

photograph, such as a driver's license. If an individual does not have 
identification documents sufficient to establish his/her identity, the 
individual must certify in writing that he/she is the person claimed to 
be and that he/she understands that knowing and willful request for, or 
acquisition of, a record pertaining to another individual under false 
pretenses is a criminal offense.
    If notification is requested by telephone, an individual must 
verify his/her identity by providing identifying information that 
parallels the record to which notification is being requested. If it is 
determined the identifying information provided by telephone is 
insufficient, the individual will be required to submit a request in 
writing or in person. If an individual is requesting information by 
telephone on behalf of another individual, the subject individual must 
be connected with SSA and the requesting individual in the same phone 
call. SSA will establish the subject individual's identity (his/her 
name, SSN, address, date of birth and place of birth, along with one 
other piece of information such as mother's maiden name), and ask for 
his/her consent in providing information to the requesting individual.
    If a request for notification is submitted by mail, an individual 
must include a notarized statement to SSA to verify his/her identity or 
must certify in the request that he/she is the person claimed to be and 
that he/she understands that the knowing and willful request for, or 
acquisition of, a record pertaining to another individual under false 
pretenses is a criminal offense. These procedures are in accordance 
with SSA Regulations (20 CFR 401.40).

record access procedure(s):
    Same as ``Notification'' procedure(s). Requesters also should 
reasonably specify the record contents they are seeking. These 
procedures are in accordance with SSA Regulations (20 CFR 401.50).

Contesting record procedure(s):
    Same as ``Notification'' procedures. Requesters also should 
reasonably identify the record, specify the information they are 
contesting, and state the corrective action sought, and the reasons for 
the correction, with supporting justification showing how the record is 
untimely, incomplete, inaccurate or irrelevant. These procedures are in 
accordance with SSA Regulations (20 CFR 401.65).

Record source categories:
    Information in this system of records is obtained from information 
collected from individuals interviewed in person in SSA FOs, from 
existing systems of records, such as the Claims Folders System, (60-
0089), Master Beneficiary Record, (60-0090), Supplemental Security 
Income Record and Special Veterans Benefits, (60-0103), and from 
information generated by SSA, such as computer date/time stamps at 
various points in the interview process.

Systems exempted from certain provisions of the Privacy Act:
    None.
[FR Doc. 05-20503 Filed 10-12-05; 8:45 am]
BILLING CODE 4191-02-P