Integrated Disability Management System
· Name of project.
Integrated Disability Management System
· Unique project identifier.
016-00-SSA/DHR-G-013
· Privacy Impact Assessment Contact.
Security Authorization Manager
Office of PolicyNet and Program Support
Social Security Administration
6410 Security Boulevard
Baltimore, MD 21235
· System background description or purpose.
The Integrated Disability Management System (IDMS) is a Social Security Administration (SSA) certified and accredited General Support System (GSS) consisting of several sub-systems. IDMS uses as its master file the Disability Control File (DCF), which is the master repository for all SSA’s Title II Disability Insurance and Title XVI (Supplemental Security Income) programs’ disability claims, including denied, terminated and active claims.
· Describe the information we collect, why we collect the information, how we use the information, and with whom we share the information.
DCF contains disability decision data beginning with the Initial Claim decision. It contains Title II and Title XVI earnings history and is the official repository for Title II earnings verification data and Trial Work Period, Extended Period of Eligibility data, Initial Reinstatement Period and Disability Demonstration Project data. The DCF is also the repository for Continuing Disability Review (CDR) and Ticket to Work (TTW) data and is used to control Medical and Work CDRs, Ticket (eligibility, use, assignment, and termination), as well as tracking Expedited Reinstatement claims processed. In addition, it controls Employment Network payments for the TTW program. DCF controls the CDR Earnings Enforcement Operation (CDREO) that produces alerts when disabled beneficiaries return to work. The DCF reads and updates according to the Master Earnings Files (MEF), Supplemental Security Record (SSR) and Master Beneficiary Record (MBR) systems.
We disclose information only as necessary to pay benefits to claimants, make payments to entities contracted by SSA, to provide services to Title II and Title XVI disabled beneficiaries, or as authorized by Federal law. IDMS is not accessible to members of the public.
IDMS consists of several subsystems, such as the following:
Subsystem Name: |
Summary of Subsystem Function: |
Disability Control File System (DCFS) |
The DCFS contains disability decision data beginning with the Initial Claim decision and continuing throughout the life of the claim. It contains Title II and Title XVI earnings history and is the official repository for Title II earnings verification data and Trial Work Period data. The DCFS is also the repository for CDR and TTW data and is used to control Medical and Work CDRs, Ticket (eligibility, use, assignment and termination), as well as tracking Expedited Reinstatement claims processed. It is also used to control Employment Network payments for the Ticket to Work program. DCFS controls the CDR Enforcement Operation that produces alerts when disabled beneficiaries return to work. |
Ticket To Work (TTW) Internal |
The Ticket to Work program provides most people receiving Social Security disability (Title II) and SSI benefits (Title XVI) (beneficiaries) more choices for receiving employment services. Under this program, SSA issues tickets to eligible beneficiaries who, in turn, may choose to assign those tickets to an Employment Network (EN) of their choice to obtain employment services, vocational rehabilitation services, or other support services necessary to achieve a vocational (work) goal. |
Electronic Work (eWork) |
eWork (electronic work CDR) assists SSA operations personnel to initiate & control earnings info requests for beneficiaries, analyze the earnings info they receive, process and make initial and recon work CDR determinations. |
Continuing Disability Review Enforcement Operation (CDREO) |
The CDREO system alerts records of title II and concurrent beneficiaries with potentially uninvestigated substantial earnings after disability onset. CDREO generates information Listings to SSA field personnel to determine if earnings posted to beneficiaries’ records mean they have worked or are working after the disability date of onset. |
Internet Ticket Operations Provider Support System (ITOPSS) and Employment Network (EN) Portal |
The ITOPSS subsystem is a comprehensive application that supports the TTW program. ITOPSS utilizes an internet-based system that facilitates all business interaction for the Ticket to Work program (TTW). External stakeholders (Employment Network (EN) and State Vocational Rehabilitation users) interact and conduct TTW business with SSA using the secure web-based interface, EN Portal. |
Vocational Rehabilitation Reimbursement Management System (VRRMS) |
VRRMS is the State Vocational Rehabilitation cost reimbursement process that contributes to the agency’s objective to support the ticket to work program. VRRMS does not connect to any other SSA system from which it requires information. |
Bond Stand-Alone System (BSAS) |
BSAS is an Intranet system that accepts database files from BOND Operations Data System (BODS). It contains the beneficiary’s estimate of gross earnings for the calendar year and his or her estimate of allowable deductions under work incentives (impairment related work expenses (IRWE) and subsidy) provisions. It also contains the beneficiary’s estimate of any income that should not count as payment for work activity (sick pay, vacation pay, insurance payments, and any earnings earned prior to the first month of eligibility for the offset). |
Bond Web Services (BWS) |
BWS is
an application that can be accessed over the
internet. BWS allows different applications from different sources to
communicate with each other without time-consuming custom coding and are not tied to any one operating system or program
language. BWS will allow a seamless one-way exchange of data from the
BODS to the BSAS. BWS allows BODS to transmit data to SSA’s BSAS for MACADE batch
automated processing and component manual processing of alerts and
exceptions. BWS allows sever-to-server pinging and sending and getting bulk files. |
Efforts to Outcomes (ETO) |
ETO is a social case-management Commercial
Off-The-Shelf (COTS) Internet application that supports SSA’s TTW
program. It is a centrally managed
web-based application designed for operators of human service programs. ETO provides comprehensive case-management
functions to track client recruitment, demographics, assessments, and
outcomes, specifically for the purpose of measuring impact and improving
program performance. |
BOND Data Collection System (BDCS) |
BODS will store info from BDCS and allow contractors to manipulate and analyze the data and report to SSA. BODS will send specific data to SSA’s BSAS through BWS. |
BOND Operations Data System (BODS) |
BOND BDCS will allow contractor personnel to collect certain information on BOND participants. |
BOND Project System (BPS) |
BPS will assist in analyzing SSA, RSA, and Department of Labor (DOL) information on BOND participants to evaluate SSA’s BOND program. |
· Describe the administrative and technological controls we have in place to secure the information we collect.
IDMS has undergone authentication and security risk analyses. The latter includes an evaluation of security and audit controls proven effective in protecting the information collected, stored, processed, and transmitted by our information systems. These include technical, management, and operational controls that permit access to those users who have an official “need to know.” Audit mechanisms are in place to record sensitive transactions as an additional measure to protect information from unauthorized disclosure or modification.
We protect the information in the IDMS by requiring authorized employees to use a unique Personal Identification Number to access information in the system. We store computerized records in secure areas that are accessible to those employees who require the information to perform their official duties. We implemented appropriate configuration settings in IDMS sub-systems to insure agency pin and password requirements are technically enforced. All of our employees who have access to our information systems that maintain personal information must sign a sanction document annually that acknowledges penalties for unauthorized access to, or disclosure of, such information. Vulnerability scan reports performed against IDMS sub-system assets ensure all configuration settings are functional.
· Describe the impact on individuals’ privacy rights.
We collect information only where we have specific legal authority to do so in order to administer our responsibilities under the Social Security Act. When we collect personal information from individuals, we advise them of our legal authority for requesting the information, the purposes for which we will use and disclose the information, and the consequences of their not providing any or all of the requested information. The individuals can then make informed decisions as to whether or not they should provide the information.
· Do we afford individuals an opportunity to consent to only particular uses of the information?
When we collect information from individuals, we advise them of the purposes for which we will use the information. We further advise them that we will disclose this information without their prior written consent only when we have specific legal authority to do so (e.g., the Privacy Act).
· Does the collection of this information require a new system of records under the Privacy Act (5 U.S.C. § 552a) or an alteration to an existing system of records?
IDMS does not require a new Privacy Act system of records or an alteration to an existing system of records. IDMS uses information collected and maintained for business purposes related to other Privacy Act systems of records: Master Files of Social Security Numbers (SSN) and SSN Applications (60-0058); National Disability Determination Services (60-0044); Completed Disability Record-Continuing Disability Determinations (60-0050); Ticket-to-Work and Self-Sufficiency Program Payment Database (60-0295); Master Beneficiary Record (60-0090); Supplemental Security Income Record and Special Veterans Benefits (60-0103); and eWork System (60-0330).
PIA CONDUCTED BY PRIVACY OFFICER, SSA:
MARY ANN ZIMMERMAN _________ February 13, 2017_
SIGNATURE DATE
PIA REVIEWED BY ACTING SENIOR AGENCY PRIVACY OFFICIAL, SSA:
/signed/
DANIEL F. CALLAHAN_______________ February 16, 2017__
SIGNATURE DATE