Rep. SSA in PEBES spat

Rep. Jim Bunning (R-Ken.) chairman of the House Ways and Means Committee's Subcommittee on Social Security and John Callahan the acting commissioner of the Social Security Administration have squared off over the security of SSA's new service to provide Internet access to benefits information.

In a Sept. 5 letter to Callahan Bunning wrote that he was "not convinced that the [SSA] has reached a safe balance between user privacy and easy access to records."

In a Sept. 10 letter Callahan fired back "Your point regarding achievement of a balance between user privacy and access was the focus of the six national forums the SSA held over the past few months." Callahan said more than 70 experts and members of the public proposed options and solutions that were considered. Bunning has yet to schedule any hearings about SSA's online service.

In April SSA was forced to close its online access to the Personal Earnings and Benefit Estimate Statement service in which people could use the Internet to access their earnings history as well as their current and estimated future Social Security cash benefits. News reports indicated that anyone who knew basic information about someone else could access that person's private earnings records.

Under the new system SSA will remove earnings and tax information on the site. Also the new system requires the user to give detailed personal information. The new PEBES is scheduled to go online by the end of the year.

House passes security act

The House last week passed a bill designed to provide strong guidance to agencies on computer security and to encourage agencies to use commercial security tools.

The Computer Security Enhancement Act of 1997 which would revamp the 10-year-old Computer Security Act taps the National Institute of Standards and Technology as the lead agency for information security. It also requires NIST to promote the use of commercial off-the-shelf security products.

The bill also enhances the role of the independent Computer System Security and Privacy Advisory Board in NIST's decision-making proc-ess. The board made of representatives from industry and agencies will help NIST develop standards and guidelines for federal systems.

New encryption deadline set

NIST last week set a June 1998 deadline for the submission of new encryption standards that will replace the aging Data Encryption Standard.

DES is the required federal standard for the protection of all encrypted data that is characterized as sensitive but unclassified.

NIST began the search to replace the 20-year-old DES in January.

According to a NIST statement the agency wants a replacement standard with a strength equal to or better than Triple DES or three operations of the 56-bit DES.

In the event that more than one algorithm is received that officials determine is significantly better NIST may consider recommending more than one standard.


  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.