social security

Agency Use of SSNs Poses Security Risk

In April, Rep. Jason Chaffetz, Chairman of the House Oversight & Government Reform Committee (OGR) wrote to the Government Accountability Office (GAO) Comptroller to request an update on an agency-wide review of databases intended to reduce the number of cases where Social Security numbers (SSNs) are collected for citizen services. 

Yet federal agencies still haven’t reviewed their data on SSNs for nearly a decade – the last recorded review from the Office of Management and Budget (OMB) dates back to May 2007.

While convenient for agencies to identify and track citizens’ records in databases, SSNs are common links to other personally identifiable information, and easy targets for would-be hackers. But a law signed by President Barack Obama in January 2015 has given the Centers for Medicare and Medicaid Services four years to move beneficiaries to a new Medicare card that does not have their SSN on it.

In an interview with Federal News Radio, Marc-Anthony Signorino, executive director at the Identity Ecosystem Steering Group, said the federal government has been slow to roll out chip cards in place of the old SSN model due to a rise in costs.

“There are a lot of other practices and procedures out there that can be examined, too, but I think the question is a cost-risk benefit,” Signorino said. “For some high-risk transactions — at IRS, you really want to protect someone’s identity, or at CMS you really want to protect somebody’s health information — that might be worth it.”

In the case of the Internal Revenue Service (IRS), they have utilized cheaper, but lower-tech verification methods such as security questions that relay on personal information when a user forgets their password.

“We have this citizen number, really it’s your Social Security number. But it was never intended to be used for anything other than receiving Social Security benefits, and it was legally barred for using it for anything other than Social Security benefits. But what happened is there have been so many exceptions to the rule that have been put on there … that exception swallows the rule,” Signorino said in the interview.

Posted in General News

PrintEmail

Add comment


Security code
Refresh

This Week on FEDtalk

This Week on FEDtalk: Data Accessibility: Your Data Distilled

Tune in to FEDtalk this Friday to learn how federal agencies are using data visualization techniques to better educate the public on what they are doing and to improve government transparency.

Read more ...

Manager Matters

One Month into the New Administration

Policy changes and refocused initiatives are developing just one month into President Trump’s administration.

Read more ...
FEDmanager

FEDmanager.com

The free weekly e-report for Federal Executives, Managers & Supervisors

About FEDmanager

Click to learn more about us

Get in touch with us

Email FEDmanager publisher

Copyright 2015 FEDmanager.com
Built with HTML 5 & CSS 3