SOCIAL SECURITY ADMINISTRATION
PRIVACY IMPACT ASSESSMENT
· Name of Project
MAXIMUS Secure Provider Portal (SPP) System – SSA Ticket to Work Project
· Unique Project Identifier
· Privacy Impact Assessment Contact
Ticket Operations and Provider Support
Office of Employment Support Programs
Social Security Administration
6401 Security Boulevard
Baltimore, MD 21235
On December 17, 1999, the Ticket-to-Work and Work Incentive Improvement Act of 1999 established the Ticket to Work (TTW) Program for eligible Social Security and Supplemental Security Income disability and blind beneficiaries. Through the TTW program, the Social Security Administration provides vocational rehabilitation, employment, or other support services from an approved Employment Network (EN) or State Vocational Rehabilitation Agency (SVRA) of the beneficiary’s choice. We assist the beneficiaries in obtaining, regaining, or maintaining employment and reducing their dependence on cash benefit programs through these services. When we implemented the TTW Program in 2002, we contracted with Maximus, a government contractor, to help us administer the program and manage the ENs (private ENs and SVRAs acting as ENs).
· Describe the information we plan to collect, why we will collect the information, how we intend to use the information, and with whom we will share the information.
Maximus will collect information in the SPP system related to operating the TTW program and will provide a more efficient business process for ENs and the beneficiaries they serve. They currently collect this information by fax and mail. ENs may use the SPP, a secure web portal, to send and receive information instead of depending solely on fax or mail. The types of information Maximus will collect in the SPP system, and their intended uses, include:
- The Individualized Work Plan (IWP) – The IWP contains information regarding the agreement between the beneficiary and the EN. The forms in the IWP include information such as the beneficiary’s Social Security Number (SSN), name, short and long-term vocational goals, expected monthly earnings, and support services the beneficiary may need. The IWP also contains work history, terms and conditions, rights and remedies, and the date and signature of the EN’s representative and the beneficiary. We use the information from the IWP to assign the beneficiary’s Ticket to the EN.
- Additional Forms – We will use forms such as the SSA-1365, the In-Use State Vocational Rehabilitation status form, the Payment Request and other forms designed to capture essential information in administering the TTW program. These forms collect information concerning Ticket assignment, support services, employer and EN payment requests and reports, and certifications related to services. We use them to track management information related to the ENs’ payments, current caseloads, and the beneficiary’s continued status and the services provided to the beneficiary.
Maximus will share the information in the SPP only with ENs that have a current contract with us. The ENs will be able to view and enter information only for the beneficiaries who have signed an agreement with that particular EN. The information ENs receive via the SPP is the same information they currently send to or receive from Maximus by fax and mail.
· Describe the administrative and technological controls we have in place or that we plan to use to secure the information we will collect.
We will maintain the SPP system, including all processing, communications, storage, and related resources, in the Maximus corporate office in Reston, VA; disaster recovery systems will be located in the Maximus datacenter in Rancho Cordova, CA. Maximus built the system to include a web server that is connected to the Internet, an application server, and a separate database server. Maximus will place the web and database servers on separate secured subnets behind a firewall. Communication between the servers is restricted to only those network ports necessary for the systems to function. Both locations are monitored by a managed Intrusion Prevention System.
Physical access to the datacenters in both Reston and Rancho Cordova is restricted via two-factor authentication. The datacenter in Reston requires a badge card as well as a fingerprint biometric. The datacenter in Rancho Cordova requires a PIN and badge card.
Users may obtain administrative access to computing resources only by completing a background check and security training and receiving management authorization. External (also known as remote) access to computing resources requires that ENs have an approved contract with SSA to work under the TTW program and that they complete a request form signed by the EN signatory authority or primary contact.
ENs will access the SPP via the Internet over encrypted channels, using two-factor-like authentication. Maximus will use the PhoneFactor service to implement enhanced, two-factor-like authentication. PhoneFactor uses the public telephone network for the second authentication factor. The combination of the user’s phone and a memorized password yields a two-factor-like authentication that causes minimal disruption to the user.
All users must first request and be granted access to the Portal prior to using its capabilities.
ENs and SVRAs will have one level of access:
1. User – has the ability to update forms for the specific EN or SVRA, run reports for the specific EN or SVRA, and query the database.
Maximus will have two levels of access:
1. Portal Administrator – has the ability to create and modify accounts.
2. Account Manager – has the ability to review the requests from the ENs and SVRAs.
We annually provide to all of our employees and contractors appropriate security awareness and training that includes reminders about the need to protect personally identifiable information and the criminal penalties that apply to unauthorized access to, or disclosure of, personally identifiable information. See 5 U.S.C. § 552a(i)(1). Furthermore, employees and contractors with access to databases maintaining personally identifiable information must annually sign a sanction document, acknowledging their accountability for inappropriately accessing or disclosing such information.
· Describe the impact on individuals’ privacy rights. Do we afford people an opportunity to decline to provide information?
Yes. We collect, maintain, and use information only where we have specific legal authority to do so in order to administer our responsibilities under the Social Security Act. When we collect a beneficiary’s information for the TTW program, we advise the person of our legal authority for requesting the information, the purpose for which we use and disclose the information, and explain the consequences should the person choose not to provide the information. The person can then make an informed decision about whether to provide the information or not by electing to participate in the TTW program. Additionally, the ENs provide the information that Maximus will enter into the SPP based on an agreement they have with their Ticket-holder beneficiary clients. They complete this agreement before the beneficiary receives a Ticket assignment. Both the EN and beneficiary sign the IWP, which allows the EN to send beneficiary information to Maximus. If the beneficiary does not agree to release this information, then the EN cannot complete an IWP and thus, there can be no Ticket assignment.
· Do we afford people an opportunity to consent to only particular uses of the information?
No. When we collect a person’s information, we advise that person of the purposes for which we will use the information. We further advise the person that we will disclose the information without written prior consent only when we have specific legal authority to do so (e.g., the Privacy Act). We do not otherwise offer persons an opportunity to determine how and with whom their information will be shared.
· Does the collection of this information require a new system of records under the Privacy Act (5 U.S.C. § 552a) or an alteration to an existing system of records?
No. The SPP does not require a new Privacy Act system of records or an alteration to an existing system of records. We will use the same information in the SPP system that we currently collect and maintain for purposes related to the TTW Program business processes. We already have two established TTW Privacy Act systems of records to cover the SPP system: the Ticket-to-Work and Self-Sufficiency Program Payment Database (60-0295) and the Ticket-to-Work Program Manager (PM) Management Information System (60-0300).
PIA CONDUCTED BY SSA PRIVACY OFFICER:
_____________________________ July 9, 2010
PIA REVIEWED BY SSA SENIOR AGENCY PRIVACY OFFICIAL:
/s/ Thomas W. Crawley July 20, 2010