About the Office of Privacy and Disclosure
The Office of Privacy and Disclosure (OPD) is one of the major components within the Office of the General Counsel (OGC). OPD develops and interprets Social Security Administration (SSA) policy governing the collection, use, maintenance, and disclosure of personally identifiable information under the Privacy Act, section 1106 of the Social Security Act, section 6103 of the Internal Revenue Code, and related privacy statutes and regulations. Additionally, OPD develops policy for data exchange agreements governed by the Privacy Act and the Computer Matching and Privacy Protection Act (CMPPA).
OPD also directs all FOIA activities within SSA, including developing FOIA policies and procedures, establishing national guidelines for handling FOIA requests, publishing the Annual Report on FOIA activities, and reviewing FOIA and Privacy Act requests and appeals to determine the proper disclosure of records.
SSA employs a “centralized” approach for handling all FOIA requests and appeals the public submits to the agency. To accomplish our FOIA mission, OPD’s structure includes two Disclosure Policy Development Divisions, each aligned to specific SSA Regional Offices. This alignment helps us efficiently and consistently process FOIA requests, and handle disclosure and privacy matters. Regional staff may directly consult with the same core set of analysts on disclosure policy and procedure matters, instead of going through a clearinghouse process that randomly assigns inquiries to a “pool” of analysts.
This arrangement also allows the OPD analyst to become familiar with privacy and disclosure issues that may be unique to a particular geographic region due to State or local laws, or other influencing factors.
Regardless of the submission method, we capture all FOIA requests in our electronic Freedom of Information Act (eFOIA) system. We scan and image all paper requests (mail, email, and fax) into eFOIA, whereas requests the public submits through our internet request form go directly into eFOIA. As soon as we enter a request into the system, or a person submits an online request, eFOIA generates an acknowledgement letter. This letter confirms our receipt of the request, and provides a reference number we specifically assign to the requester’s case. The acknowledgment letter also provides a voice mailbox telephone number so the requester can call to inquire about the status of his or her request.
Under FOIA, we may charge fees to process certain FOIA requests. The eFOIA system allows requesters to pay online for some routine requests, which accelerates our responsiveness to the public and reduces our administrative costs.
We strive to handle each request within 20 working days from the date we receive it. We process requests under a “first in, first out” basis. However, sometimes it may take us longer depending on the complexity of the request, the amount of records sought, where the documents are located, and how much other work we have.
A complex request may require us to obtain more information from either the requester, or from office(s) within SSA. A request may require us to seek paper records that we collectively maintain in multiple geographic locations, or in archived storage.
Prior to releasing records in response to a FOIA request, OPD conducts a thorough internal review to ensure that we apply SSA’s privacy and disclosure rules consistently and accurately. The complexity and nature of each request determines the level of review we require, which can include input and review by other offices within SSA such as, the Office of General Law, the Press Office, or the Office of Legislation and Congressional Affairs.
We take pride in our ability to act on Privacy Act and FOIA requests in an accurate and timely manner. The result of our efforts in this area can best be seen in our Annual Reports. In 2009, SSA responded to over 31,000 FOIA requests, and ended the fiscal year with a backlog of less than three-tenths of one percent of our total cases pending. The agency’s performance is a testament to the experience and quality of the workforce in OPD. The average analyst has been with SSA for 22 years and has, on average, 12 years of Privacy Act and FOIA experience.
SSA continues to strive to improve our capacity and capability to respond to Privacy Act and FOIA requests.
- OPD instituted an in-house FOIA/Privacy Act training program for analysts that focuses on various technical, legal, and “hands-on” issues involved in processing requests. Some of these sessions focus on the administrative processes that arise under FOIA that can cause unnecessary delay in responding. This training provides a formal platform to emphasize the importance of presumptive disclosure, to discuss recent disclosures, and to examine new possibilities for additional disclosures.
- OPD continues to provide Privacy Act and FOIA training at an agency level through our biennial Privacy and Disclosure Training Conference. This year’s conference will include sessions on the importance of openness and transparency in government.
OPD maintains a commitment to use technology to enhance our capabilities. In 2007, OPD implemented a new browser-based platform (eFOIA) designed specifically to automate much of the workflow for handling Privacy Act and FOIA requests. In FY 2010, OPD has released four updates/changes/enhancements to the system, with two more scheduled for release later in the FY to further improve our system.