APPENDIX G

APPENDIX G

SOCIAL SECURITY ADMINISTRATION DATA SECURITY MEASURES

The confidentiality of records has been a cornerstone of SSA policy from the inception of the Agency under the mandate of Title 20, Chapter III, Part 401 of the Code of Federal Regulations issued in 1937 and section 1106 of the Act passed by Congress in 1939. To ensure the safety of records in SSA's possession, certain data security measures are taken.

Data security measures begin with thorough training. Employees are trained in the restrictions against disclosure contained in the Act and the regulations; the criminal sanctions for unauthorized disclosure; and the procedures used to assure that disclosures authorized by statute and regulation are released to the proper parties. The physical security measures established to safeguard records are discussed below:

MANUALLY MAINTAINED RECORDS

Manually maintained records are kept in locked file cabinets or in otherwise secure areas. Access to the records is limited to employees who require the information contained in the records to perform the duties assigned to them. In many cases, the records are selected for the employees needing access to them by other employees who are specifically charged with the maintenance of the records. This safeguard restricts the number of persons authorized to be in the storage areas and facilitates the control over the access to the information contained in the records to those who need it.

Records which are not handled in the manner previously described are securely stored so that unauthorized individuals may not gain access to them.

AUTOMATED RECORDS

The NCC houses SSA's computer equipment and automated records. Entry into the building is restricted to employees whose duties require such entry. Special passes containing the employees' photographs are issued to all personnel authorized to enter the building. The passes are worn at all times. Marshals are stationed in the lobby of the NCC to ensure that only employees authorized to enter the building do so. Employees use elevators that access five floors only one of which each employee is authorized to enter as his/her work station.

It is necessary for employees to enter their badges in a slot to activate a turnstile and gain admittance to the floor. Badges are keyed for specific floors. Magnetic tape records and records stored on other media are kept in a library to which entry is restricted to employees who are authorized to work in the library.

Entry into the computer rooms in the main building is restricted to employees whose duties require such entry. All employees who are authorized to enter this area wear special photograph passes. Marshals are stationed at each entrance to assure that only possessors of the special passes are admitted. Access to the information contained in these records is controlled by various manual and automated devices. Only employees who require the information to perform their duties may obtain it.

Some automated records are maintained in the PSC's located throughout the country (See Appendix A for address information). Entrance to the PSC buildings is restricted to employees with building passes. In addition, special passes identify employees whose duties require entry into the computer rooms. Access to the information contained in these records is also controlled. Only employees who require the information to perform their duties may obtain it.

Data is transmitted from SSA field offices and PSC's to Headquarters and returned. For the most part, sensitive and urgent traffic is sent over lines leased by SSA for SSA'S sole use. The remaining traffic sent directly by wire is sent via lines leased by the Federal Government for use by all Federal agencies.

Internal computer security is safeguarded by access codes, edit checks, data reformatting and return address codes. These safeguards assure that

o only authorized access to the computer system is permitted,

o the particular data requested from the system can be released to the requester, and

o control is maintained over the locations to which systems data may be sent.