More modern IT could keep SSA from mailing out Social Security numbers

Shutterstock image: digital records overlay.

If you have ever received a notice in the mail from the Social Security Administration, odds are your Social Security number was on it. Of the 352 million notices the agency mailed last year, about 233 million included the recipients' full SSNs, potentially putting people at risk of identity theft, according to an inspector general report released on April 27.

The government has long advocated that agencies stop using the numbers as personal identifiers, and many large agencies have already done so. The IG recommends that SSA follow suit and prioritize removing SSNs from their mailed notices and re-evaluate how much it would cost to do so.

SSA officials agreed with both recommendations but said making the change in fiscal 2016 would mean postponing other critical IT projects. Meanwhile, the agency plans to use existing IT projects to replace SSNs with Beneficiary Notice Control Numbers on a case-by-case basis and as resources permit.

Right now, the agency's operational and systems infrastructure is still designed for SSNs. Employees cannot communicate personal information to callers without the numbers, even if they have their BNCs. And if they don't remember their SSNs, callers have to go to a field office, where an employee searches for their numbers. That could create confusion, longer call times and more field office visits.

Also, SSA employees cannot use BNCs to query the Online Retrieval System where they store electronic copies of mailed notices. Instead, they must must cross-check the BNC with the SSN, adding a step to the process.

An SSA workgroup formed in June 2015 recommended delaying the removal of SSNs from all notices until the agency has enough resources. The workgroup estimated it would cost about $14 million to replace SSNs with BNCs on mailed notices, but the IG said the group did not provide documentation to support that estimate.

Ultimately, the IG stressed the importance of protecting people from the risk of identity theft associated with sending personally identifiable information through the mail.

"Convenience should not come before the security of individuals' private and sensitive information," the report states.

About the Author

Bianca Spinosa is an Editorial Fellow at FCW.

Spinosa covers a variety of federal technology news for FCW including workforce development, women in tech, and the intersection of start-ups and agencies. Prior to joining FCW, she was a TV journalist for more than six years, reporting local news in Virginia, Kentucky, and North Carolina. Spinosa is currently pursuing her Master’s degree in Writing at George Mason University, where she also teaches composition. She earned her B.A. from the University of Virginia.

Click here for previous articles by Spinosa, or connect with her on Twitter: @BSpinosa.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.