[Federal Register Volume 78, Number 129 (Friday, July 5, 2013)]
[Notices]
[Pages 40542-40544]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2013-16099]


-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA-2013-0032]


Privacy Act of 1974, As Amended: Proposed New Routine Use

AGENCY: Social Security Administration.

ACTION: New Proposed Routine Use Applicable to Four Systems of Records.

-----------------------------------------------------------------------

[[Page 40543]]

SUMMARY: In accordance with the Privacy Act of 1974 (5 U.S.C. 
552a(e)(4) and (e)(11)) and our disclosure regulations (20 CFR Part 
401), we are issuing public notice of our intent to publish a new 
routine use applicable to our systems of records entitled:
     Master Files of Social Security Number (SSN) Holders and 
SSN Applications, (60-0058) (the Enumeration System)
     Earnings Recording and Self-Employment Income System, (60-
0059)
     Master Beneficiary Record (MBR), (60-0090)
     Prisoner Update Processing System (PUPS), (60-0269)
    The Patient Protection and Affordable Care Act of 2010 (Pub. L. 
111-148), as amended by the Health Care and Education Reconciliation 
Act of 2010 (Pub. L. 111-152) (collectively, the ACA) requires the use 
of a single, streamlined application to determine eligibility for an 
Insurance Affordability Program (IAP), which includes:
     a Qualified Health Plan (QHP) through an Exchange,
     Advance Payments of the Premium Tax Credit (APTC),
     Cost-Sharing Reductions (CSR),
     Medicaid,
     the Children's Health Insurance Program (CHIP), and
     the Basic Health Program (BHP).
    As a part of the eligibility determination process, individuals may 
apply for an exemption from the individual responsibility requirement 
to maintain coverage (certification of exemption). The new routine use 
will enable SSA to disclose information to the Department of Health and 
Human Services (DHHS)/Centers for Medicare & Medicaid Services (CMS) to 
confirm the accuracy of attestations made by an individual to determine 
eligibility and entitlement to an IAP and identify individuals who 
qualify for certifications of exemption under the ACA. We discuss the 
routine use in detail in the Supplementary Information section below. 
We invite public comment on this proposal.

DATES: We filed a report of the routine use with the Chairman of the 
Senate Committee on Homeland Security and Governmental Affairs, the 
Chairman of the House Committee on Oversight and Government Reform, and 
the Director, Office of Information and Regulatory Affairs, Office of 
Management and Budget (OMB). The routine use will become effective on 
August 31, 2013 unless we receive comments before that date that would 
result in a contrary determination.

ADDRESSES: Interested persons may comment on this publication by 
writing to the Executive Director, Office of Privacy and Disclosure, 
Office of the General Counsel, Social Security Administration, Room 617 
Altmeyer Building, 6401 Security Boulevard, Baltimore, Maryland 21235-
6401. All comments we receive will be available for public inspection 
at the above address.

FOR FURTHER INFORMATION CONTACT: Keisha Mahoney, Government Information 
Specialist, The Electronic Interchange and Liaison Division, Office of 
Privacy and Disclosure, Office of the General Counsel, Social Security 
Administration, Room 617 Altmeyer Building, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, telephone: (410) 966-9048, Email: 
[email protected].

SUPPLEMENTARY INFORMATION:

I. Background and Purpose of the Proposed New Routine Use

    Section 1411(c) of the ACA requires the Secretary of DHHS/CMS to 
establish a program meeting the requirements of the ACA to determine 
eligibility for and enrollment in an IAP, including:
     a QHP through the Exchange,
     APTC,
     CSRs,
     Medicaid,
     the CHIP, and
     the BHP.
    As a part of the eligibility determination process, individuals may 
apply for certifications of exemption under the ACA. Specifically, 
individuals must furnish their name, date of birth, Social Security 
number (SSN), and attestation of citizenship status to the Secretary of 
DHHS/CMS. The Secretary of DHHS/CMS will submit the information to the 
Commissioner of SSA for a determination as to whether the information 
submitted is consistent with the records of SSA. The ACA also permits 
the Secretary of DHHS/CMS to request additional information that is 
relevant to determining entitlement and eligibility to programs. To 
accommodate such requests, SSA will disclose (1) Disability indicator, 
(2) death indicator, (3) prisoner data, (4) quarters of coverage, and 
(5) monthly and annual Social Security benefit information under title 
II of the Social Security Act (Act). Section 1411(c)(4) of the ACA 
requires DHHS/CMS and SSA to use an on-line system or a system 
otherwise involving electronic exchange to support such transactions. 
To support this need, we are establishing a new routine use to allow 
for such disclosures by SSA to DHHS/CMS. DHHS/CMS will use the data for 
the purpose of the administration of IAPs and for certifications of 
exemption under the ACA.

II. Proposed New Routine Use

    The Privacy Act requires that agencies publish a notice in the 
Federal Register of ``each routine use of the records contained in the 
system, including the categories of users and the purpose of such 
use.'' 5 U.S.C. 552a(e)(4)(D). We developed the following new routine 
use that will allow us to disclose information to DHHS/CMS:
    To the Department of Health and Human Services (DHHS)/Centers for 
Medicare and Medicaid Services (CMS) for the purpose of the 
administration of Insurance Affordability Programs (IAP) and to 
identify individuals who qualify for an exemption from the individual 
responsibility requirement in accordance with the Patient Protection 
and Affordable Care Act of 2010 (Pub. L. 111-148), as amended by the 
Health Care and Education Reconciliation Act of 2010 (Pub. L. 111-152). 
IAPs include a Qualified Health Plan through the Exchange, Advance 
Payments of the Premium Tax Credit, Cost Sharing Reductions, Medicaid, 
the Children's Health Insurance Program, and the Basic Health Program.
    The new routine use will be included in the following systems of 
records:
     60-0058, Master Files of SSN Holders and SSN Applications, 
last published on December 29, 2010 at 74 FR 62866, as new routine use 
45;
     60-0059, Earnings Recording and Self-Employment Income 
System, last published on January 11, 2006 at 71 FR 1819, as new 
routine use 34;
     60-0090, Master Beneficiary Record, last published on 
January 11, 2006 at 71 FR 1826, as new routine use 39; and
     60-0269, Prisoner Update Processing System (PUPS), last 
published on March 8, 1999 at 64 FR 11076, as new routine use 13.
    SSA will rely on this routine use to disclose only those data 
elements from SSA's system of records that DHHS/CMS has demonstrated 
are necessary for the administration of IAPs and certifications of 
exemption in accordance with the ACA.

III. Compatibility of Routine Use

    In accordance with the Privacy Act (5 U.S.C. 552(a) and (b)(3)), 
and our disclosure regulations (20 CFR Part 401), we are proposing to 
establish a new routine use to support the ACA.
    We can disclose information when the disclosure is required by law 
(20 CFR 401.120).

[[Page 40544]]

     Section 1411(c) of the ACA requires SSA to determine 
whether the name, date of birth, SSN and attestation of citizenship of 
individuals applying for IAPs under the ACA are consistent with 
information in SSA's records.
     Section 205(r)(3) of the Social Security Act (Act) permits 
SSA to disclose, on a reimbursable basis, death information to a 
Federal or State agency that administers a Federally-funded benefit 
other than pursuant to the Act to ensure proper payment of such 
benefit. Section 7213 of the Intelligence Reform and Terrorism 
Prevention Act of 2004 provides SSA authority to add a death indicator 
to verification routines that the agency deems appropriate.
     Sections 202(x)(3)(B)(iv) and 1611(e)(1)(I)(iii) of the 
Act permit SSA to disclose, on a reimbursable basis, prisoner 
information to an agency administering a Federal or Federally-funded 
cash, food, or medical assistance program for eligibility and other 
administrative purposes under such program.
    We can also disclose information when the purpose is compatible 
with the purpose for which we collected the information and is 
supported by a published routine use (20 CFR 401.150). The Privacy Act 
allows us to disclose information maintained in a system of records 
without consent of the record subject to another party if such 
disclosure is pursuant to a routine use published in the system of 
records. 5 U.S.C. 552a(b)(3). A ``routine use'' must be compatible with 
the purpose for which SSA collected the information (5 U.S.C. 
552a(a)(7)). Under SSA's regulations, SSA may publish a routine use 
permitting it to disclose information to another government entity for 
the administration of other government programs when the information 
requested concerns eligibility, benefit amounts, or other matters of 
benefit status in a Social Security program and is relevant to 
determining the same matters in other programs. 20 CFR 401.150(c). SSA 
collects information from applicants for, and beneficiaries of, Social 
Security benefits to determine entitlement and eligibility to such SSA 
benefits and the amount of those benefits. Under the new routine use 
and in accordance with the ACA, SSA will disclose information 
concerning eligibility, benefit amounts, or other matters of benefit 
status in a Social Security program to DHHS/CMS for use in making 
initial eligibility determinations, and eligibility redetermination and 
renewal decisions, including appeal determinations for IAPs, and 
certifications of exemption under the ACA. Specifically, DHHS/CMS will 
use the information SSA provides to determine entitlement and 
eligibility in QHPs offered through an Exchange, including the APTCs 
under section 36B of the Internal Revenue Code of 1986 and CSRs under 
section 1402 of the ACA; a State Medicaid program under title XIX of 
the Act; the CHIP under title XXI of the Act; a State program under 
section 1331 of the ACA establishing qualified BHPs; and a 
certification of exemption pursuant to section 1311(d)(4)(H) of the 
ACA. The verification and disclosure of information in our records to 
DHHS/CMS for its use in administering the health and income maintenance 
programs under ACA and the Act, meet the statutory and compatibility 
requirements for routine use disclosures.

IV. Effect of the Routine Use on the Rights of Individuals

    DHHS/CMS and SSA are subject to Privacy Act requirements. Our 
disclosures to DHHS/CMS are compliant with the Privacy Act, the ACA, 
and the Social Security Act. The Privacy Act requires that our routine 
use be compatible with the purpose for which we collected the 
information. 5 U.S.C. 552a(a)(7) and (b)(3). In this case, we collect 
the information we plan to disclose in order to administer our 
programs. We will disclose this information to DHHS/CMS in connection 
with the administration of IAPs and certifications of exemption under 
ACA. We have determined that this is a compatible purpose under the 
Privacy Act and our regulation. After we disclose information to DHHS/
CMS under the new routine use, the information is subject to the 
relevant DHHS System of Records Notices. We will enter into a Computer 
Matching and Privacy Protection Act (CMPPA) agreement with DHHS/CMS to 
support the new routine use disclosures. CMPPA agreements have specific 
provisions to protect the privacy rights of record subjects; to protect 
the confidentiality and integrity of the records; and to prohibit 
unauthorized use of the records. Therefore, we do not anticipate that 
the routine use will have an unwarranted adverse effect on the privacy 
or other rights of individuals about whom we will disclose information.

Kirsten J. Moncada,
Executive Director, Office of Privacy and Disclosure, Office of the 
General Counsel.
[FR Doc. 2013-16099 Filed 7-3-13; 8:45 am]
BILLING CODE 4191-02-P