SOCIAL SECURITY ADMINISTRATION
KINDERGARTEN
THROUGH 12TH GRADE
SCHOOLS' COLLECTION AND USE
OF SOCIAL SECURITY NUMBERS
July 2010
A-08-10-11057
AUDIT REPORT
Mission
By conducting independent and objective audits, evaluations and investigations,
we inspire public confidence in the integrity and security of SSA's programs
and operations and protect them against fraud, waste and abuse. We provide timely,
useful and reliable information and advice to Administration officials, Congress
and the public.
Authority
The Inspector General Act created independent audit and investigative units, called the Office of Inspector General (OIG). The mission of the OIG, as spelled out in the Act, is to:
Conduct and supervise independent and objective audits and investigations
relating to agency programs and operations.
Promote economy, effectiveness, and efficiency within the agency.
Prevent and detect fraud, waste, and abuse in agency programs and operations.
Review and make recommendations regarding existing and proposed legislation
and regulations relating to agency programs and operations.
Keep the agency head and the Congress fully and currently informed of problems
in agency programs and operations.
To ensure objectivity, the IG Act empowers the IG with:
Independence to determine what reviews to perform.
Access to all information necessary for the reviews.
Authority to publish findings and recommendations based on the reviews.
Vision
We strive for continual improvement in SSA's programs, operations and management
by proactively seeking new ways to prevent and deter fraud, waste and abuse.
We commit to integrity and excellence by supporting an environment that provides
a valuable public service while encouraging employee development and retention
and fostering diversity and innovation.
MEMORANDUM
Date: July 22, 2010
To: The Commissioner
From: Inspector General
Subject: Kindergarten Through 12th Grade Schools' Collection and Use of Social Security Numbers (A-08-10-11057)
OBJECTIVE
Our objective was to assess kindergarten through 12th grade (K 12) schools' collection and use of Social Security numbers (SSN) and the potential risks associated with current practices.
BACKGROUND
Millions of children enroll in K 12 schools each year. To assist in this process, K 12 schools may collect and use SSNs for various purposes. Although no single Federal law regulates overall use and disclosure of SSNs by K 12 schools, the Privacy Act of 1974, Social Security Act, and Family Educational Rights and Privacy Act of 1974 (FERPA), contain provisions that govern disclosure and use of SSNs. See Appendix B for more information on the specific provisions of these laws. Additionally, the Office of Management and Budget (OMB) issued a memorandum in 2007 on safeguarding against and responding to disclosure of personally identifiable information, including SSNs. Federal agencies are required to reduce the volume of collected and retained personally identifiable information to the minimum necessary, including establishment and implementation of plans to eliminate unnecessary collection and use of SSNs.
We reviewed relevant State laws, policies, and practices regarding K 12 schools'
collection and use of SSNs. We also contacted selected State educational agencies
to identify steps States have taken to limit K 12 schools' collection and use
of SSNs. In
?
addition, we identified incidents in which K 12 schools inadvertently and/or
improperly disclosed students' SSNs. See Appendix C for additional details regarding
the scope and methodology of our review.
RESULTS OF REVIEW
Despite the increasing threat of identity theft, our review of State laws and school policies and practices disclosed that K 12 schools' collection and use of SSNs was widespread. We determined that many K 12 schools used SSNs as the primary student identifier or for other purposes, even when another identifier would have sufficed. In addition, there has been a growing trend among State Departments of Education to establish longitudinal databases, which may include SSNs, of K 12 children in a State to track students' progress over time. While some State laws may require that K 12 schools collect SSNs in some instances, we believe some do so as a matter of convenience-because SSNs are unique identifiers and most students have an SSN. However, we do not believe administrative convenience should ever be more important than safeguarding children's personal information.
We believe the unnecessary collection and use of SSNs is a significant vulnerability for this young population. Recent data indicate the number of children under age 19 whose identities have been stolen is growing. This is particularly troubling given that some of these students may not become aware of such activity until they apply for a credit card or student loan. Because of the numerous incidences of identity theft and the recognition that SSNs are linked to vast amounts of personal information, some States have taken steps to limit the collection and use of SSNs. We are encouraged by these efforts and believe that State and local educational systems should seek additional ways to limit their collection and use of SSNs and implement stringent controls to protect SSNs when collected.
K-12 SCHOOLS' COLLECTION AND USE OF SSNs
We determined that many K 12 schools used SSNs as primary student identifiers to help in recordkeeping and tracking students throughout their school years. For example, we identified laws in 7 States that required that K-12 schools obtain students' SSNs and schools in at least 26 other States that collected students' SSNs at registration, even though no State law required that they do so. We also identified K 12 schools that included students' SSNs on such documents as enrollment applications, student profiles, graduation forms, transcripts, tests, athletic participation forms, and educational research data. In addition, we identified an elementary school poster contest in which students' SSNs were requested on entry forms attached to the back of posters. We believe such practices increase the risk of SSN misuse and unnecessarily subject students to the possibility of identity theft.
In addition to K 12 schools' collection and use of SSNs, there is a growing trend among State Departments of Education to establish longitudinal databases of all K 12 children within a State to track students' progress over time, according to a recent university study. The study found that privacy protections for these databases were generally lacking in the majority of States. Furthermore, the study reported that at least 32 percent of States warehoused children's SSNs, and over 80 percent of States apparently failed to have data retention policies and were likely to hold student information indefinitely. In addition, several States outsourced the data-warehousing function without any protections for privacy in vendor contracts. While we recognize there are some legitimate reasons for data collection in K 12 educational systems (for example, tracking school improvement), we question the need for States to collect SSNs, especially when States also assign a unique identification number to students in these databases. Until States stop collecting SSNs and redact existing SSNs, we encourage States to implement stringent security measures when establishing such databases.
The coordinator of the Statewide Longitudinal Data Systems Grant Program told us the U.S. Department of Education does not instruct States to collect SSNs when establishing longitudinal databases. Although 28 (56 percent) States collect SSNs, he agreed they may not need to continue this practice because all States now assign a unique identification number to students in these databases. According to the grant program coordinator, the primary reason some States collect K 12 students' SSNs is to allow States to track students as they move to post secondary education systems and enter the workforce. While he acknowledged that privacy protections may vary among States, he believes that most States understand the importance of having safeguards in place to protect personally identifiable information and are working to do so.
POTENTIAL RISKS ASSOCIATED WITH COLLECTING AND USING SSNs
K 12 schools' collection and use of SSNs entail certain risks. Each time a student provides his/her SSN, the potential for a dishonest individual to unlawfully gain access to, and misuse, the SSN increases. Identity thieves often target children because they have clean credit histories, and their records may be used for years before they realize their identity has been used for criminal activities. Since 2005, 40 school related breaches of children's personally identifiable information (including SSNs) have been reported. Because many K 12 schools still use SSNs as the primary student identifier, students' exposure to such activity remains. We believe the following examples illustrate K 12 students' risk of exposure to identity theft and fraud.
In March 2009, 8 individuals were indicted and arrested for breaking into about 50 public schools in Puerto Rico and stealing personal identification documents (including SSN cards) from as many as 12,000 students, teachers, and school administrators. The documents were stolen for sale to illegal immigrants interested in using the identities of U.S. citizens. The documents were sold as sets (SSN cards and birth certificates), originals or copies, starting at $150 or $40, respectively.
In December 2009, a North Carolina school system accidentally sent out about 5,000 postcards with students' SSNs printed on the front.
In September 2009, 15 boxes containing hundreds of students' confidential records (including birth certificates and SSN cards) were dumped on the sidewalk in front of their former New York high school.
In October 2008, more than 400 identification cards were recalled from a Maryland high school when officials realized that student SSNs had been printed on some of them, even though the school system assigned students distinct identification numbers. The school system also appears to use SSNs in student lunch codes.
In November 2009, documents from a Texas school district's lunch program for 2003 to 2006 were left at a television news station with a note attached claiming the documents were found at a recycling center. Students' SSNs were visible on the documents.
SOME STATES HAVE TAKEN STEPS TO LIMIT SSN COLLECTION AND USE
The increase in identity theft and the recognition that SSNs are linked to vast amounts of personally identifiable information have led some States to limit SSN collection and use in K 12 schools. We identified four States that had enacted laws to prohibit K 12 schools or State educational agencies from using SSNs as primary student identifiers. In addition, we identified four other States that had policies and practices that restricted the collection and/or use of SSNs in K 12 schools. Education officials in these States confirmed that there was no need to use SSNs as student identifiers when other unique identifiers were sufficient to track K 12 students. The following examples illustrate some of the steps States have taken to limit SSN collection and use in K 12 schools.
No public educational institution in Rhode Island, including the State Department of Elementary and Secondary Education, may assign an individual identification number to a student that is identical to, or incorporates, the individual's SSN. In addition, no public educational institution may allow the public display of a student's SSN or any four or more consecutive numbers contained in the individual's SSN for any purpose.
While a school board or governing body of a private school may assign a unique identification number to each K 12 student in Wisconsin, they may not assign a number that is identical to, or incorporates, the student's SSN. The identification number is intended to travel with the student throughout his/her academic career and is used for all required State reporting. This eliminates the need for school districts to use SSNs as student identifiers in their computer systems.
Nebraska does not have a law that prohibits SSNs as student identifiers. However, school districts do not use SSNs as such because the Nebraska Department of Education assigns a Student ID, which is a 10-digit, randomly assigned number. Furthermore, Nebraska does not store SSNs in its data warehouse. An education official told us SSNs are not a universally used identifier for school purposes because it is too much trouble to protect the SSN at the State level.
While there is no law in North Dakota prohibiting the use of SSNs as student
identifiers, the Department of Public Instruction avoids using SSNs as student
identifiers because of sensitivity issues. An education official told us the
unique student identifier it uses sufficiently tracks students through the K
12 system, thus eliminating the need to use SSNs.
In previous audits, we identified instances in which colleges and universities
used SSNs as the primary student identifier or for other purposes. However,
numerous incidences of identity theft led some schools to reconsider the practice.
In addition, some States enacted laws to regulate college and university use
of SSNs. We are encouraged by those efforts and believe that State and local
governments should afford the same protections to students in K 12 schools.
CONCLUSION AND RECOMMENDATIONS
Despite the potential risks associated with using SSNs as primary student identifiers, many K 12 schools continue this practice. While we recognize that SSA cannot prohibit States or K 12 schools from collecting and using SSNs as student identifiers or for other purposes, we believe SSA can help reduce the threat of identity theft and SSN misuse by encouraging States and K 12 schools to reduce unnecessary collection of SSNs and improve protections and safeguards when collected. We recommend that SSA:
1. Coordinate with State Departments of Education and K 12 school systems to inform the education community about the potential risks associated with using SSNs as student identifiers or for other purposes.
2. Encourage State Departments of Education and K 12 schools to reduce unnecessary collection and use of SSNs and implement stringent safeguards to protect SSNs when collected.
3. Promote the best practices of States and K 12 schools that have taken steps to limit SSN collection and use.
AGENCY COMMENTS AND OIG RESPONSE
SSA agreed with our recommendations. The Agency's comments are included in Appendix D.
Patrick P. O'Carroll, Jr.
Appendices
APPENDIX A - Acronyms
APPENDIX B - Federal Laws That Govern Disclosure and Use of the
Social Security Number
APPENDIX C - Scope and Methodology
APPENDIX D - Agency Comments
APPENDIX E - OIG Contacts and Staff Acknowledgments
Appendix A
Acronyms
C.F.R. Code of Federal Regulations
FERPA Family Educational Rights and Privacy Act of 1974
K 12 Kindergarten Through 12th Grade
NEA National Education Association
OIG Office of the Inspector General
OMB Office of Management and Budget
Pub. L. No. Public Law Number
SSA Social Security Administration
SSN Social Security Number
U.S.C. United States Code
Appendix B
Federal Laws That Govern Disclosure and Use of the Social Security Number
The following Federal laws establish a general framework for disclosing and using the Social Security number (SSN).
The Privacy Act of 1974
The Privacy Act of 1974 (the Privacy Act) indicates, in part, that it is unlawful for any Federal, State, or local government agency to deny any individual any right, benefit, or privilege provided by law because of such individual's refusal to disclose his/her SSN, unless the disclosure is required by Federal statute or is to any Federal, State, or local agency maintaining a system of records in existence and operating before January 1, 1975, such disclosure was required under statute or regulation adopted before such date to verify the identity of an individual. Further, under Section 7(b) of the Privacy Act, any Federal, State, or local government agency requesting that an individual disclose his/her SSN must inform the individual whether the disclosure is voluntary or mandatory, by what statutory or other authority the SSN is solicited and what uses will be made of the SSN.
The Social Security Act
The Social Security Act provides, in part, that "Social security account
numbers and related records that are obtained or maintained by authorized persons
pursuant to any provision of law enacted on or after October 1, 1990, shall
be confidential, and no authorized person shall disclose any such social security
account number or related record." The Social Security Act also provides,
in part, that ". . . [w]hoever discloses, uses, or compels the disclosure
of the social security number of any person in violation of the laws of the
United States; shall be guilty of a felony
." The Social Security
Act
authorized certain State and local agencies to use the SSN for certain purposes
and allows, or in certain instances requires, such agencies to require individuals
to furnish their SSNs for such purposes.
The Family Educational Rights and Privacy Act of 1974
The Family Educational Rights and Privacy Act of 1974 (FERPA) protects the privacy of student education records. FERPA applies to those schools that receive funds under an applicable program of the U.S. Department of Education. Under FERPA, an educational institution must have written permission from the parent or eligible student to release any personally identifiable information (which includes SSNs) from a student's education record. FERPA does, however, provide certain exceptions in which a school is allowed to disclose records without consent. These exceptions include disclosure without consent to: other school officials who have a legitimate educational interest in the information, officials of institutions where the student is seeking to enroll/transfer, parties to whom the student is applying for financial aid, the parent of a dependent student, appropriate parties in compliance with a judicial order or lawfully issued subpoena, or health care providers in the event of a health or safety emergency.
Appendix C
Scope and Methodology
To accomplish our objective, we:
Reviewed relevant laws from all 50 States regarding kindergarten through 12th (K 12) schools' use of Social Security numbers (SSN).
Reviewed Internet Websites of K 12 State educational agencies. We also selected and reviewed a sample of local K 12 school system Websites because of the large number of such entities.
Researched child identity theft and occurrences of school-related SSN exposure using Internet search engines.
Discussed development of the Statewide Longitudinal Data Systems Grant Program with the U.S. Department of Education.
Reviewed selected studies and articles regarding K 12 schools' collection and use of SSNs.
Contacted selected State educational agencies to determine policies and practices regarding K 12 schools' collection and use of SSNs.
Our review of internal controls was limited to gaining an understanding of the collection and use of SSNs by K 12 schools. The Social Security Administration entity reviewed was the Office of the Deputy Commissioner for Operations. We conducted our audit from November 2009 through April 2010 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective. We believe the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.
Appendix D
Agency Comments
MEMORANDUM
Date: July 16, 2010
To: Patrick P. O'Carroll, Jr.
Inspector General
From: James A. Winn /s/
Executive Counselor to the Commissioner
Subject: Office of the Inspector General (OIG) Draft Report, "Kindergarten Through 12th Grade Schools' Collection and Use of Social Security Numbers" (A-08-10-11057)--INFORMATION
Thank you for the opportunity to review and comment on the draft report. We appreciate OIG's efforts in conducting this review. Attached is our response to the report findings and recommendations.
Please let me know if we can be of further assistance. Please direct staff
inquiries to
Candace Skurnik, Director, Audit Management and Liaison Staff, at extension
54636.
SSA Response
COMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL (OIG) DRAFT REPORT, "KINDERGARTEN THROUGH 12TH GRADE SCHOOLS' COLLECTION AND USE OF SOCIAL SECURITY NUMBERS (SSN)" (A-08-10-11057)
We agree there are many risks associated with schools using SSNs as primary identifiers. We appreciate your acknowledging that we cannot prohibit the practice. Nevertheless, we do actively discourage use of SSNs. We describe some of our efforts for doing so in our response below.
Recommendation 1
Coordinate with State Departments of Education and K 12 school systems to inform the education community about the potential risks associated with using SSNs as student identifiers or for other purposes.
Response
We agree. Our website Social Security.gov already provides publications, policy, frequently asked questions (FAQ), and best practices for protecting SSNs. More information is available in these links:
http://www.socialsecurity.gov/pubs/10002.html#protect
http://www.socialsecurity.gov/phila/ProtectingSSNs.htm
http://www.socialsecurity.gov/kc/id_practices_best.htm
https://secure.ssa.gov/apps10/poms.nsf/lnx/0100201070
http://ssa-custhelp.ssa.gov/app/answers/detail/a_id/1122/kw/protect%20ssn
http://ssa-custhelp.ssa.gov/app/answers/detail/a_id/1649/kw/protect%20ssn
In addition, in response to the September 2007 OIG Final Report, "State and Local Governments' Collection and Use of Social Security Numbers" (A-08-07-17086), we are preparing articles promoting these web pages to state and local governments as part our ongoing educational outreach efforts.
Recommendation 2
Encourage State Departments of Education and K 12 schools to reduce unnecessary collection and use of SSNs and implement stringent safeguards to protect SSNs when collected.
Response
We agree. See response to recommendation 1.
Recommendation 3
Promote the best practices of States and K 12 schools that have taken steps to limit SSN collection and use.
Response
We agree. See response to recommendation 1.
Appendix E
OIG Contacts and Staff Acknowledgments
OIG Contacts
Kimberly Byrd, Director, Atlanta Audit Division
Jeff Pounds, Audit Manager, Birmingham Office of Audit
Acknowledgments
In addition to those named above:
Kathy Yawn, Senior Auditor
For additional copies of this report, please visit our web site at www.socialsecurity.gov/oig or contact the Office of the Inspector General's Public Affairs Staff Assistant at (410) 965-4518. Refer to Common Identification Number A-08-10-11057.
Overview of the Office of the Inspector General
The Office of the Inspector General (OIG) is comprised of an Office of Audit
(OA), Office of Investigations (OI), Office of the Counsel to the Inspector
General (OCIG), Office of External Relations (OER), and Office of Technology
and Resource Management (OTRM). To ensure compliance with policies and procedures,
internal controls, and professional standards, the OIG also has a comprehensive
Professional Responsibility and Quality Assurance program.
Office of Audit
OA conducts financial and performance audits of the Social Security Administration's
(SSA) programs and operations and makes recommendations to ensure program objectives
are achieved effectively and efficiently. Financial audits assess whether SSA's
financial statements fairly present SSA's financial position, results of operations,
and cash flow. Performance audits review the economy, efficiency, and effectiveness
of SSA's programs and operations. OA also conducts short-term management reviews
and program evaluations on issues of concern to SSA, Congress, and the general
public.
Office of Investigations
OI conducts investigations related to fraud, waste, abuse, and mismanagement
in SSA programs and operations. This includes wrongdoing by applicants, beneficiaries,
contractors, third parties, or SSA employees performing their official duties.
This office serves as liaison to the Department of Justice on all matters relating
to the investigation of SSA programs and personnel. OI also conducts joint investigations
with other Federal, State, and local law enforcement agencies.
Office of the Counsel to the Inspector General
OCIG provides independent legal advice and counsel to the IG on various matters,
including statutes, regulations, legislation, and policy directives. OCIG also
advises the IG on investigative procedures and techniques, as well as on legal
implications and conclusions to be drawn from audit and investigative material.
Also, OCIG administers the Civil Monetary Penalty program.
Office of External Relations
OER manages OIG's external and public affairs programs, and serves as the principal
advisor on news releases and in providing information to the various news reporting
services. OER develops OIG's media and public information policies, directs
OIG's external and public affairs programs, and serves as the primary contact
for those seeking information about OIG. OER prepares OIG publications, speeches,
and presentations to internal and external organizations, and responds to Congressional
correspondence.
Office of Technology and Resource Management
OTRM supports OIG by providing information management and systems security.
OTRM also coordinates OIG's budget, procurement, telecommunications, facilities,
and human resources. In addition, OTRM is the focal point for OIG's strategic
planning function, and the development and monitoring of performance measures.
In addition, OTRM receives and assigns for action allegations of criminal and
administrative violations of Social Security laws, identifies fugitives receiving
benefit payments from SSA, and provides technological assistance to investigations.