Federal agencies continue to over-collect, over-use and over-display Social Security numbers, leading to the an unnecessarily high risk of identity theft.
That’s the latest from the U.S. Government Accountability Office. In a recent report GAO declares that a decade’s worth of effort to pare the use of SSNs in government has had only “limited success.”
While all 24 agencies covered by the Chief Financial Officers (CFO) Act have developed plans to the reduce the use of SSNs, they have been hampered in implementing those plans.
Agencies cited statutes and regulations mandating SSN collection. They told inspectors that SSNs often are necessary in interactions with other federal entities, and that technological constraints within agency systems and processes have hampered their efforts to reduce the use of the identifier. “Further, poor planning by agencies and ineffective monitoring by OMB have also limited efforts to reduce SSN use,” GAO notes.
The report comes at a time when Congressional overseers have focused their scrutiny on the apparent over-use of SSNs in government. This spring the House Ways and Means Social Security Subcommittee and the Oversight and Government Reform Information Technology Subcommittee held a joint hearing on the subject.
“Our SSNs are connected to so many personal aspects of our lives — from our Social Security benefits and finances, to our medical histories and education,” said the hearing’s chair, Rep. Tom Rice (R-SC). “This hearing is about making sure that SSNs are only used when necessary and that the federal government is doing what it can and what it should to make sure that when SSNs are used and collected, they are kept safe.”
Some federal entities have taken action. GAO points to the Department of Defense, which has replaced SSNs on its identity cards. Nonetheless, use of SSNs is widespread. Of the 24 CFO Act agencies, 22 use the identifier for employee benefits and services; 17 use it for law enforcement; 16 for statistical and research purposes; 13 for tax purpose and 12 for other uses.
The fix should come from OMB, which could set standards for how the rest of government handles SSNs.
“GAO recommends that OMB require complete plans for ongoing reductions in the collection, use, and display of SSNs, require inventories of systems containing SSNs, provide criteria for determining ‘unnecessary’ use and display, ensure agencies update their progress in annual reports, and monitor agency progress based on clearly defined performance measures,” the report states.