Medicare Part B Buy-In Information System, SSA/OPB

Effective Date: March 2, 1999 
(64 F.R. 10173)
 
SOCIAL SECURITY ADMINISTRATION NOTICE OF SYSTEM OF RECORDS REQUIRED BY THE PRIVACY ACT OF 1974

System number:  60-0268

System name: 

Medicare Part B Buy-In Information System, SSA/OPB

Security classification: 

None

System location

Social Security Administration 
Office of Research 
Evaluation and Statistics 
ITC Building, 9th Floor 
500 E. Street, SW 
Washington, D.C. 20254   

Categories of individuals covered by the system: 

All persons screened in the Medicare Part B buy-in demonstration program for potential eligibility for Medicare buy-in programs.  This includes Social Security beneficiaries who have attained age 65, disabled Social Security beneficiaries who have received 24 consecutive months of Social Security benefits, and certain individuals who suffer from end stage renal disease.

Categories of records in the system: 

The system contains information supplied by a beneficiary during a screening interview conducted by SSA staff to determine potential eligibility for Medicare Part B buy-in programs. This information may include the individual's name, Social Security number (SSN), date of birth, address, marital status and such other information as may be supplied by the beneficiary regarding income, resources and living arrangements.  Information may also be obtained from the Master Beneficiary Record and from the Supplemental Security Income Record, as needed.  The beneficiary will also be surveyed as to how he or she learned about the Medicare Part B buy-in programs.

Authority for maintenance of the system: 

Title IV of Division A, Social Security Administration, of the Omnibus Consolidated and Emergency Supplemental Appropriations Act, 1999, Public Law (P.L.) 105-277.

Purpose(s): 

All information on the system will be maintained under the beneficiary's Social Security number.  The system will be designed to determine a beneficiary's potential eligibility for Medicare Part B buy-in and gather information to be used in evaluating the effectiveness of the methodologies tested under the demonstration authority in P.L. 105-277 to increase Medicare buy-in applications and enrollments.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses: 

Disclosure may be made for routine uses as indicated below:

1.  Disclosure to third parties in situations where the party to be contacted has, or is expected to have, information relating to the individual's eligibility for, or entitlement to, benefits under a Social Security program when the data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following:

            (a) his or her eligibility for benefits under a Social Security program;

            (b) the amount of his or her benefit payment;

    (c)   any case in which the evidence is being reviewed as a result of suspected fraud, concern for program integrity, quality appraisal, or evaluation and measurement activities.

2.  Disclosure to the Office of the President for the purpose of responding to an individual pursuant to an inquiry received from that individual or a third party on his or her behalf.

3.  Disclosure to a congressional office in response to an inquiry from that office made at the request of the subject of  a record.

4.  Disclosure to State or local agencies, (or agents on their behalf), for administering the Medicaid program.

5.  Disclosure to contractors and other Federal agencies, as necessary, for the purpose of assisting SSA in the efficient administration of its programs.

6.  Disclosure to the Department of Justice (DOJ), a court or other tribunal, or other third- party before such tribunal when:

                (a) SSA, or any component thereof, or

                (b) Any SSA employee in his or her official capacity; or

(c)  Any SSA employee in his or her individual capacity where DOJ (or SSA where it is authorized to do so) has agreed to represent the employee; or

(d) The United States or any agency thereof where SSA determines that the litigation is likely to affect the operations of SSA or any of its components, is a party to litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, the court or other tribunal is relevant and necessary to the litigation, provided, however, that in each case, SSA determines that such disclosure is compatible with the purpose for which the records were collected.

7.  Information may be disclosed to student volunteers and other workers, who technically do not have the status of Federal employees, when they are performing work for SSA as authorized by law, and they need access to personally identifiable information in SSA records in order to perform their assigned Agency functions.

8.  Non-tax return information, the disclosure of which is not expressly restricted by Federal law, may be disclosed to the General Services Administration (GSA) and the National Archives and Records Administration (NARA) under 44 U.S.C. § 2904 and § 2906, as amended by the National Archives and Records Administration Act of 1984, for the use of those agencies in conducting records management studies.

9.  We may disclose information to appropriate Federal, State, and local agencies, entities, and persons when (1) we suspect or confirm that the security or confidentiality of information in this system of records has been compromised; (2) we determine that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs of SSA that rely upon the compromised information; and (3) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. SSA will use this routine use to respond only to those incidents involving an unintentional release of its records.

Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:

Storage: 

Data may be stored in paper form and on magnetic media (e.g., discs).

Retrievability: 

Records in this system are indexed and retrieved by the SSN.

Safeguards: 

Security measures include the use of access codes to enter the computer system which will maintain the data, and storage of the computerized records in secured areas which are accessible only to employees who require the information in performing their official duties.  Any paper records will be kept in locked cabinets or in otherwise secure areas. Contractor personnel having access to data in the system of records will be required to adhere to SSA rules concerning safeguards, access and use of the data.  SSA and contractor personnel having access to the data will be informed of the criminal penalties of the Privacy Act for unauthorized access to or disclosure of information maintained in this system of records.

Retention and disposal: 

Magnetic discs and other files with personal identifiers are retained in secure areas accessible only to authorized personnel and will be disposed of as soon as they are determined to be no longer needed for contractor or SSA analysis.  Means of disposal will be appropriate to the storage medium (e.g., deletion of magnetic discs or shredding of paper records).  Records used in administering the demonstration and experimental programs will be retained indefinitely.

System manager and address: 

Director 
Division of Representative Payment and Evaluation 
Office of Program Benefits 
Social Security Administration 
6401 Security Boulevard 
Baltimore, Maryland 21235

Notification procedure:

An individual can determine if this system contains a record about him/her by writing to the systems manager(s) at the above address and providing his/her name, SSN or other information that may be in the system of records that will identify him/her.  An individual requesting notification of records in person should provide the same information, as well as provide an identity document, preferably with a photograph, such as a driver’s license or some other means of identification, such as a voter registration card, credit card, etc.  If an individual does not have any identification documents sufficient to establish his/her identity, the individual must certify in writing that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.

If notification is requested by telephone, an individual must verify his/her identity by providing identifying information that parallels the record to which notification is being requested.  If it is determined that the identifying information provided by telephone is insufficient, the individual will be required to submit a request in writing or in person.  If an individual is requesting information by telephone on behalf of another individual, the subject individual must be connected with SSA and the requesting individual in the same phone call.  SSA will establish the subject individual’s identity (his/her name, SSN, address, date of birth and place of birth along with one other piece of information such as mother’s maiden name) and ask for his/her consent in providing information to the requesting individual.

If a request for notification is submitted by mail, an individual must include a notarized statement to SSA to verify his/her identity or must certify in the request that he/she is the person claimed to be and that he/she understands that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.  These procedures are in accordance with SSA Regulations (20 CFR § 401.40).

Record access procedures: 

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. See 20 C.F.R. § 401.40(b)(1998).

Contesting record procedures: 

Same as notification procedures. Requesters should also reasonably identify the record, specify the information they are contesting and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is untimely, incomplete, inaccurate or irrelevant.  These procedures are in accordance with SSA regulations 20 C.F.R. § 401.65(1998).

Record source categories: 

Data for the system are secured primarily from individual beneficiaries (or their representative payees if applicable) who are screened for eligibility for Medicare Part B buy-in as part of SSA's demonstration.  Records in this system may also be derived in part from other SSA systems of records (e.g., the Master Beneficiary Record (60-0090) and the Supplemental Security Income Record and Special Veterans Benefits (60-0103)).

Systems exempted from certain provisions of the Privacy Act:

None.