SSA’s Mandate Against Red Tape (SMART) Program Records

Effective Date: August 10, 2000 
(65 F.R. 49047)
 
SOCIAL SECURITY ADMINISTRATION NOTICE OF SYSTEM OF RECORDS REQUIRED BY THE PRIVACY ACT OF 1974

System number: 60-0279

System name:

SSA’s Mandate Against Red Tape (SMART) Program Records

Security classification:

None.

System location:

Social Security Administration (SSA) Office of the Commissioner 
Office of Customer Service Integration (OCSI) 
450 Altmeyer Building 
6401 Security Boulevard 
Baltimore, Maryland 21235

Categories of individuals covered by the system:

SSA employees who have made requests that the SSA eliminate and/or set aside administrative directives, policies and procedures that provide guidance for office operations, workflows and work processes that have lost their usefulness and/or effectiveness.  Such requests for waivers of internal rules give employees real opportunities to perform their jobs faster, better and cost effectively.

Categories of records in the system:

Requests, evaluations of requests, name and office address of individual submitting the request and evaluating the request, other identifying information such as employee’s pay plan, employee’s series and grade, position title, organization/office, Social Security number (SSN), timekeeper number, email address, FAX number, Internet address, and telephone number.

Authority for maintenance of the system:

42 U.S.C. § 405A and 5 U.S.C. § 301.

Purpose(s):

Records in this system are used to control, evaluate, approve and adopt practices that effectively encourage innovation through granting employees waivers from certain internal agency rules.  These records are maintained within the Office of the Commissioner, Office of Customer Service Integration (OCSI) in SSA.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

Disclosures may be made for routine uses as indicated below.

1.   To the Office of the President for the purpose of responding to an individual pursuant to an inquiry received from that individual or from a third party on his or her behalf.

2.   To a congressional office in response to an inquiry from that office made at the request of the subject of a record.

3.   To the Department of Justice (DOJ), a court or other tribunal, or another party before such tribunal when:

a)     SSA, or any component thereof, or

b)     any SSA employee in his/her official capacity; or

c)      any SSA employee in his/her individual capacity where DOJ (or SSA where it is authorized to do so) has agreed to represent the employee; or

d)     the United States or any agency thereof where SSA determines that the litigation is likely to affect the operations of SSA or any of its components is party to litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, a court or other tribunal, or another party before such tribunal is relevant and necessary to the litigation, provided, however, that in each case, SSA determines that such disclosure is compatible with the purpose for which the records were collected.

4.  To student volunteers and other workers, who technically do not have the status of Federal employees, when they are performing work for SSA as authorized by law, and they need access to personally identifiable information in SSA records in order to perform their assigned Agency functions.

5.  To contractors and other Federal agencies, as necessary, for the purpose of assisting SSA in the efficient administration of its programs.  We contemplate disclosing information under this routine use only in situations in which SSA may enter into a contractual or similar agreement with a third party to assist in accomplishing an agency function relating to this system of records.

6.  Non-tax return information which is not restricted from disclosure by federal law may be disclosed to the General Services Administration (GSA) and the National Archives and Records Administration (NARA) under 44 U.S.C. § 2904 and § 2906, as amended by NARA Act of 1984, for the use of those agencies in conducting records management studies.

7.  We may disclose information to appropriate Federal, State, and local agencies, entities, and persons when (1) we suspect or confirm that the security or confidentiality of information in this system of records has been compromised; (2) we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs of SSA that rely upon the compromised information; and (3) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. SSA will use this routine use to respond only to those incidents involving an unintentional release of its records.

Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:

Storage:

The records are maintained electronically and in paper form (e.g., file folders) in locked file cabinets within OCSI.

Retrievability: 

The records are indexed and retrieved by the SMART request number assigned to the employees request.

Safeguards:

This system of records is a database that is accessible via an SSA Intranet Website.  Security measures include the use of access codes to enter the database , and storage of the electronic records in secured areas which are accessible only to employees who require the information in performing their official duties.  The paper records that result from the electronic site are kept in locked cabinets or in otherwise secure areas.  SSA, foreign site and contractor personnel having access to data in the system of records are required to adhere to SSA rules concerning safeguards, access, and use of the data.  They also are informed of the criminal penalties of the Privacy Act for unauthorized access to or disclosure of information maintained in this system of records.

Retention and disposal:

After final action to approve or deny a SMART request, it will be maintained for at least 7 years, or when it is determined that they are no longer needed, then destroyed in a manner appropriate to the storage media.

System manager(s) and address: 

Social Security Administration 
Office of the Commissioner 
Office of Customer Service Integration 
450 Altmeyer Building 
6401 Security Boulevard 
Baltimore, Maryland 21235

Notification procedures:

An individual can determine if this system contains a record about him/her by writing to the systems manager(s) at the above address and providing his/her name, SSN or other information that may be in the system of records that will identify him/her.  An individual requesting notification of records in person should provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver’s license or some other means of identification.  If an individual does not have any identification documents sufficient to establish his/her identity, the individual must certify in writing that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.

If notification is requested by telephone, an individual must verify his/her identity by providing identifying information that parallels the record to which notification is being requested.  If it is determined that the identifying information provided by telephone is insufficient, the individual will be required to submit a request in writing or in person.  If an individual is requesting information by telephone on behalf of another individual, the subject individual must be connected with SSA and the requesting individual in the same phone call.  SSA will establish the subject individual’s identity (his/her name, SSN, address, date of birth and place of birth along with one other piece of information such as mother’s maiden name) and ask for his/her consent in providing information to the requesting individual.

If a request for notification is submitted by mail, an individual must include a notarized statement to SSA to verify his/her identity or must certify in the request that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.  These procedures are in accordance with SSA Regulations (20 C.F.R. § 401.40).

Record access procedure(s):

Same as Notification procedure(s).  Requesters also should reasonably specify the record contents they are seeking.  These procedures are in accordance with SSA Regulations (20 C.F.R. § 401.50).

Contesting record procedure(s):

Same as Notification procedures.  Requesters also should reasonably identify the record, specify the information they are contesting, and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is untimely, incomplete, inaccurate or irrelevant.  These procedures are in accordance with SSA Regulations (20 C.F.R. § 401.65).

Record source categories:

Incoming requests, responses, evaluations and other information obtained during the course of deciding to adopt a request.

Systems exempted from certain provisions of the Act:

None.