Identity Protection Program (IPP) System

SYSTEM NUMBER: 60-0360

System name:

    Identity Protection Program (IPP) System.

System classification:

    None.

System location:

    Social Security Administration

    Office of Human Resources

    6401 Security Boulevard

    Baltimore, Maryland 21235.

Categories of individuals covered by the system:

    SSA Employees who have requested participation in the IPP.

Categories of records in the system:

    This system consists of a variety of records concerning

participation in the IPP. In addition to the employee's name, this

system includes information such as the employee's personal

identification number (PIN), locator information, telephone number,

component, documentation submitted to support the reason for the

request for program participation, as well as any subsequent

documentation provided by the employee; employee's written request to be removed from the IPP; the number of IPP requests that have been granted or denied by employee; the number of IPP requests that

have been granted or denied by Agency component; reason for program participation request denial; and length of time taken to process each request for program participation.

Authority for maintenance of the system:

    Sections 205 and 702(a)(5) of the Social Security Act (42 U.S.C.

405, 902(a)(5)).

Purpose(s):

    Information in the IPP System is used to:

-Provide a means of collecting information about SSA employees who reasonably believe that they may be at risk of injury or other harm by the disclosure of their work location and telephone number.

-Provide a standard approach to ensuring the safety of SSA

employees who reasonably believe that they may be at risk of injury or other harm by the disclosure of their work location and telephone number.

-The information in this system will be used to establish

participation in the IPP. We will establish program participation when

an employee has made known his/her request for program participation and all of the required documentation has been submitted.

Routine uses of records maintained in the system, including categories of users and the purpose of such uses:

    Disclosures may be made for routine uses as indicated below.

1. To the Office of the President for the purpose of responding to

an individual pursuant to an inquiry received from that individual or

from a third party on his or her behalf.

2. To a congressional office in response to an inquiry from that

office made at the request of the subject of a record.

3. To the Department of Justice (DOJ), a court or other tribunal,

or another party before such tribunal when:

    (a) SSA, or any component thereof; or

    (b) Any SSA employee in his/her official capacity; or

    (c) Any SSA employee in his/her individual capacity where DOJ (or

SSA where it is authorized to do so) has agreed to represent the

employee; or

    (d) The United States or any agency thereof where SSA determines

that the litigation is likely to affect the operations of SSA or any of its components, is a party to the litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, a court or other tribunal, or another party before such tribunal is relevant and necessary to the litigation, provided, however, that in each case, SSA determines that such disclosure is compatible with the purpose for which the records were collected.

4. To the Equal Employment Opportunity Commission (EEOC or

Commission) when requested in connection with investigations into

alleged or possible discriminatory practices in the Federal sector,

examination of Federal affirmative employment programs, compliance by Federal agencies with the Uniform Guidelines on Employee Selection Procedures, or other functions vested in the Commission.

5. To the Federal Labor Relations Authority, the General Counsel,

the Federal Mediation and Conciliation Service, the Federal Service

Impasses Panel, or an arbitrator when information is requested in

connection with the investigations of allegations of unfair labor

practices, matters before an arbitrator or the Federal Impasses Panel.

(6) To the Office of Personnel Management, Merit Systems Protection Board, or the Office of the Special Counsel, in connection with appeals, special studies of the civil service and other merit systems, review of those agencies' rules and regulations, investigation of alleged or possible prohibited personnel practices, and other such

functions promulgated in 5 U.S.C. Chapter 12, or as may be authorized by law.

7. To contractors and other Federal agencies, as necessary, for

the purpose of assisting SSA in the efficient administration of its

programs. We contemplate disclosing information under this routine use only in situations in which SSA may enter into a contractual or similar agreement with a third party to assist in accomplishing an Agency function relating to this system of records.

8. To student volunteers, individuals who work under a personal

services contract, and other individuals performing functions for SSA,

who technically do not have the status of Agency employees, when they are performing work for SSA, as authorized by law, and they need access to the records in order to perform their assigned Agency functions.

9. To the General Services Administration (GSA) and National

Archives and Records Administration ( NARA) under 44 U.S.C. Sec.  2904 and Sec. 2906, as amended by the NARA Act of 1984, non-tax return information which is not restricted from disclosure by Federal law for use by those agencies in conducting records management studies.

10. To Federal, State, and local law enforcement agencies and

private security contractors, as appropriate, information necessary:

     -To enable them to protect the safety of SSA employees and

customers, the security of the SSA workplace, the operation of SSA

facilities, or

     -To assist investigations or prosecutions with respect to

activities that affect such safety and security or activities that

disrupts the operation of SSA facilities.

11. To appropriate Federal, State, and local agencies, entities,

and persons when (1) we suspect or confirm that the security or

confidentiality of information in this system of records has been

compromised; (2) we determine that as a result of the suspected or

confirmed compromise there is a risk of harm to economic or property

interests, identity theft or fraud, or harm to the security or

integrity of this system or other systems or programs of SSA that rely

upon the compromised information; and (3) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. SSA will use this routine use to respond only to those incidents involving an unintentional release of its records.

Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:

Storage:

    Records in this system are maintained and stored in both electronic

and paper form.

Retrievability:

    Records in this system will be retrieved by the employee's PIN and/

or name.

Safeguards:

    Security measures include the use of access codes to enter the computer system which will maintain the data, the storage of computerized records in secured areas that are accessible only to employees who require the information in performing their official duties. Manually maintained records will be kept in locked cabinets or in otherwise secure areas. SSA employees who have access to the data will be informed of the criminal penalties of the Privacy Act for unauthorized access to or disclosure of information maintained in the system. See 5 U.S.C. 552a(i)(1).

    Contractor personnel and/or alternate employees having access to data in the system of records will be required to adhere to SSA rules concerning safeguards, access and use of the data.

Retention and disposal:

    The records are maintained in SSA headquarters Office of Human

Resources or regional Servicing Personnel Offices. They are disposed of in accordance with item 17a of the National Archives and Records

Administration General Records Schedule 1.

System manager(s):

    Associate Commissioner, Office of Personnel, Social Security

Administration, 6401 Security Boulevard, Baltimore, Maryland 21235-

6401.

Notification procedure(s):

    An individual can determine if this system contains a record about him/her by writing to the system manager at the above address and providing his/her name, SSN or other information that may be in the system of records that will identify him/her. An individual requesting notification of records in person should provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver's license. If an individual does not have any identification documents sufficient to establish his/her identity, the individual must certify in writing that he/she is the person claimed to be and that he/she understands that knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.

    If notification is requested by telephone, an individual must verify his/her identity by providing identifying information that parallels the record to which notification is being requested. Individuals providing insufficient identifying information by telephone will be required to submit a request in writing or in person. If an individual is requesting information by telephone on behalf of another individual, the subject individual must be connected with SSA and the requesting individual in the same phone call. SSA will establish the subject individual's identity (his/her name, PIN, address, date of birth and place of birth along with one other piece of information such as mother's maiden name) and ask for his/her consent in providing information to the requesting individual.

    If a request for notification is submitted by mail, an individual must include a notarized statement to SSA to verify his/her identity or must certify in the request that he/she is the person claimed to be and that he/she understands that knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense. These procedures are in accordance with SSA Regulations (20 CFR 401.45).

Record access procedure(s):

    Same as Notification procedure(s). Requesters also should

reasonably specify the record contents they are seeking. These

procedures are in accordance with SSA Regulations (20 CFR 401.40).

Contesting record procedure(s):

    Same as Notification procedure(s). Requesters should also reasonably identify the record, specify the information they are contesting, and state the corrective action sought and the reasons for the correction, with supporting justification, showing how the record is untimely, incomplete, inaccurate, or irrelevant. These procedures are in accordance with SSA Regulations (20 CFR 401.65).

Record source categories:

    Information in this system is obtained from information collected from SSA employees and officials.

Systems exempt from certain provisions of the Privacy Act:

    None.