Step up Social Security number protection, OIG says

The Social Security Administration should do more to protect against identity theft by increasing security controls on Social Security numbers and programs, according to two new federal audits.

One of the audits targeted the millions of SSN printouts distributed by the agency each year, which have much looser security controls than Social Security cards.

The second audit recommended tighter security for the SSA’s online iClaim process, which allows applicants to file claims for benefits.

While the number of replacement cards dropped from 12 million a year to 11 million a year between 2004 and 2009, the number of printouts increased from 5 million a year to 7 million a year during that period, the Dec. 13 audit from the Office of Inspector General said.

The identity authentication requirements for the SSN printouts are less stringent than for the cards, the inspector general wrote. Also, the cards have security features to protect their integrity, while the printouts have none.

The inspector general also noted there were more instances in which people were requesting more than 10 printouts per day, or per year, and more known cases of fraud involving printouts.

“We continue to believe the agency should strengthen its controls for issuing SSN printouts,” the report states. “We found an increase in the (1) number of SSN printouts SSA issued, (2) volume of numberholders obtaining more than 10 SSN printouts in a day and a year, and (3) occurrences of fraud involving SSN printouts.”

The report made six recommendations, including advising SSA to set limits on the number of printouts that can be issued to a single person per day or per year. SSA officials agreed with five of the recommendations.

However, agency officials disputed the recommendation that field officers obtain management approval in order to issue printouts to people with insufficient or nonexistent identity documents.

“SSA disagreed with this recommendation and stated that it does not believe management review of every request involving insufficient or nonexistent documentation would be cost effective, in light of its other planned enhancements,” agency officials said.

The second audit, issued on Dec. 7, was not released in full, because it contained “restricted information.” A summary was published on the SSA’s inspector general’s website.

The summary noted that the inspector general made seven recommendations to strengthen the integrity of the iClaim online claim application process, which is currently being used by about 1.2 million applicants per year.

“We made seven recommendations to enhance the integrity of the iClaim application and ensure appropriate actions are taken for completed applications,” the summary states. “This report contains restricted information for official use. Distribution is limited to authorized officials.”

The SSA has been strongly promoting iClaim as the preferred means for baby boomers to apply for retirement benefits, with a goal of 50 percent of applications to be filed through iClaim by 2013.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.