Social Security Administration Unified Measurement System/Managerial Cost Accountability System
· Name of project.
Social Security Administration Unified Measurement System/Managerial Cost Accountability System
· Unique project identifier.
016-00-01-01-01-2035-00
· Privacy Impact Assessment Contact.
Program Manager
Division of Measurement and Control Systems
Office of Earnings, Enumeration and Administrative
Systems
Social Security Administration
6401 Security Boulevard
Baltimore, MD 21235
· Describe the information to be collected, why the information is being collected, the intended use of the information and with who the information will be shared.
The Social Security Administration Unified Measurement System/Managerial Cost Accountability System (SUMS/MCAS) is a Social Security Administration (SSA) certified and accredited General Support System consisting of several sub-systems that provide enhanced management information (MI), workload control, and performance measure data for SSA and the Disability Determination Services (DDS). SUMS/MCAS consists of information derived from SSA’s major applications including programmatic applications (including Title II and Title XVI claims processing systems), payroll and human resource databases, and security files (including the internet verification files and internet enterprise security interface).
SUMS/MCAS will maintain certain types of information we collect about clients and other individuals who visit a SSA facility for the purpose of conducting SSA business, information about SSA and DDS employees, as well as information about contractors. The system will contain information about clients and other visitors, such as personal identification data (e.g., name, Social Security number, date of birth, address); information related to entitlement to Title II (Retirement, Survivors, Disability Insurance), Title XVI (Supplemental Security Income) and Title XVIII (Health Insurance) programs; and earnings data. SUMS/MCAS will contain information about SSA and DDS employees as well as contractors, such as their personal identification number (PIN), position title, function and office codes, the access and exit times for logging on to any SSA system, and the names and locations of the systems (log files) they accessed.
SUMS/MCAS is a valuable tool that helps us improve customer service and reduce manual work. SUMS/MCAS will support SSA and DDS management and those employees with MI responsibilities in analyzing workloads, planning resources, performing cost allocation activities, improving access to MI, and improving work-power allocation. SUMS/MCAS will provide a single source of data, collected in a consistent manner, which will improve the quality, consistency, and access to information used throughout SSA and DDS. This system will produce detailed reports that will assist us in assessing office, unit, and employee performance. SUMS/MCAS will enable us to manage and account for resources through one uniform source of MI, combining five interrelated initiatives: (1) workload counts, (2) performance measures, (3) time allocation, (4) customer service records, and (5) managerial cost accountability. This system will not be used to make determinations about applicants, claimants, recipients, or beneficiaries.
Thus, SUMS/MCAS will enable the Agency to:
- Improve customer service and enhance the Agency’s ability to monitor customer service;
- Create a unified work measurement and work power identification system providing simpler access to information for reporting data;
- Produce detailed reports to determine office, unit, and employee performance;
- Consolidate the Agency workload structure and provide data at any office level, down to a specific employee;
- Allocate work-time usage information consistently for all components, workload activities, and the time that it takes to perform work and calculate productivity;
- Accommodate new workloads in a flexible work-measurement system by shifting work to locations where capacity exists, improving customer service;
- Ensure an accurate cost allocation of work performed by SSA;
- Manage and account for resources through one uniform source of MI;
- Measure outcomes, determine full costs, control resources, assess performance and provide timely feedback to managers to enhance the Agency’s accountability and customer service; and
- Satisfy government-wide managerial cost accountability regulations and enable the Agency to link resource expenditures with performance, as required by legislation and other government-wide requirements.
We will disclose this information only as necessary to SSA and DDS management officials, and employees who require the information in performing their official duties, or to the individual that the information pertains as permitted by the Privacy Act, or as otherwise permitted by Federal law. SUMS/MCAS is not accessible to members of the public.
· Describe the administrative and technological controls that are in place or that are planned to secure the information being collected.
SUMS/MCAS has undergone authentication and security risk analyses. The latter includes an evaluation of security and audit controls proven to be effective in protecting the information collected, stored, processed, and transmitted by our information systems. These include technical, management, and operational controls that permit access to those users who have an official “need to know.” We have audit mechanisms in place to record sensitive transactions as an additional measure to protect information from unauthorized disclosure or modification. SSA uses the “TOP SECRET” security system to restrict access to the data in SUMS/MCAS.
We protect the information in SUMS/MCAS by requiring individuals who are authorized to access the information system to use a unique PIN. In addition, we store the computerized records in secure areas that are accessible to those employees who require the information to perform their official duties. Furthermore, all of the individuals who have access to our information systems that maintain personal information must sign a sanction document annually that acknowledges penalties for unauthorized access to, or disclosure of, such information.
· Describe the impact on individuals’ privacy rights.
Are individuals afforded an opportunity to decline to provide information?
We collect information only where we have specific legal authority to do so in order to administer our responsibilities under the Social Security Act. When we collect personal information from individuals, including employees and contractors, we advise them of our legal authority for requesting the information, the purposes for which we will use and disclose the information, and the consequences of their not providing any or all of the requested information. The individuals can then make informed decisions as to whether or not they should provide the information.
Are individuals afforded an opportunity to consent to only particular uses of the information?
When we collect information from individuals, including employees and contractors, we advise them of the purposes for which we will use the information. We further advise them that we will disclose this information without their prior written consent only when we have specific legal authority to do so
(e.g., the Privacy Act).
· Does the collection of this information require a new system of records under the Privacy Act (5 U.S.C. § 552a) or an alteration to an existing system of records?
Yes. A new system of records (SOR) is being established, entitled Social Security Administration Unified Measurement System/Managerial Cost Accountability System (SUMS/MCAS), 60-0371, and routine uses applicable to this SOR. SUMS/MCAS will not become operational until the new SOR becomes effective.
PIA CONDUCTED BY PRIVACY OFFICER, SSA:
January 11, 2008__
SIGNATURE DATE
PIA REVIEWED BY SENIOR AGENCY PRIVACY OFFICIAL, SSA:
/s/ David F. Black________ January 16, 2008__
SIGNATURE DATE