Addendum to the Supporting Statement for Form SSA‑4641‑U2
Authorization for the Social Security Administration to Obtain
Account Records from a Financial Institution
20 CFR 416.200 & 416.203
OMB No. 0960-0293
Terms of Clearance
This ICR is approved on the understanding that: 1) any necessary formatting issues (e.g. checkboxes) will be resolved prior to fielding the IC; 2) SSA will field the revised version of the form; 3) during development of the electronic version of this form, SSA will coordinate with OMB's privacy officer for SSA regarding security issues related to electronic submission of sensitive data; 4) upon development of the electronic version of this form, SSA will submit change requests for non-substantive changes to this form (substantive changes will still require a revision request); and 5) included in these change and/or revision requests, SSA will describe how SSA will ensure the secure transmission of sensitive data.
SSA addresses the above Terms as follows:
Any necessary formatting issues (e.g. checkboxes) will be resolved prior to fielding the IC;
SSA’s Response: We incorporated the formatting issues into the form as discussed in the previous clearance prior to the submission of the Change Request on 4/7/2008.
SSA will field the revised version of the form;
SSA’s Response: Due to cost issues associated with implementing the revised form and operational deficiencies discovered after approval of the initial revised version (approved in 2007), SSA postponed release until after the approval of the additional revisions outlined in the Change Request submitted on 4/7/2008, and approved on 4/25/2008.
During development of the electronic version of this form, SSA will coordinate with OMB's privacy officer for SSA regarding security issues related to electronic submission of sensitive data;
SSA’s Response: We developed a fully electronic verification process and are submitting the electronic screens for your and OMB’s privacy officer’s review.
We consulted SSA’s Office of General Counsel, Office of Public Disclosure during the early stages of development. Privacy staff in OPD regularly consults with OMB’s Privacy Staff. OGC approved of the e4641 process. We also vetted the e4641 process through SSA’s Systems Security staff.
Upon development of the electronic version of this form, SSA will submit change requests for non-substantive changes to this form (substantive changes will still require a revision request);
SSA’s Response: We have not submitted a Change Request since there have been no non-substantive changes to the form since we received approval for the last Change Request on 4/25/08. At this time we are adding the electronic screens for OMB approval as part of this full reclearance.
Included in these change and/or revision requests, SSA will describe how SSA will ensure the secure transmission of sensitive data.
SSA’s Response: SSA utilizes a security protocol that secures all transmissions of Form SSA‑4641‑U2 data to prevent eavesdropping, tampering, or message forgery between client/server applications. All communications to the SSA e4641 System are secured by Secure Sockets Layer v3 (SSL v3) encryption or better, and consist of standard Hypertext Transfer Protocol Secure (HTTPS) interactions between browser and server.
Revisions to the Collection Instrument
SSA is making the following revisions:
We have created an electronic version of this form as requested in the previous Terms of Clearance, and are submitting the screens for OMB approval:
SSA worked with a private vendor to develop a web-based application that can electronically verify financial accounts held by SSI applicants, recipients, and deemors.
This electronic process allows SSA to more efficiently verify financial account balances by reducing the processing time compared to the paper-based method.
The electronic process is also more effective at preventing SSI overpayments because it allows SSA to search for undisclosed financial accounts.
In an effort to streamline the electronic process, some inconsistencies exist between the order of the questions (not the content) on the electronic version and the paper version. We organized the electronic version to provide a logical path for an internet user because the electronic version is able to use information from one section and present it in subsequent sections as necessary to tailor the information to the user.
SSA implemented this new electronic system in field offices in New York, New Jersey and California.
We are revising the PRA Statement to reflect our current boilerplate language. The current language, which dates back to the last reprint of the form, is now outdated.
SSA’s Office of the General Counsel is conducting a systematic review of SSA’s Privacy Act Statement on agency forms. As a result, SSA is adding a Privacy Act Statement to this form.
Electronic Implementation
SSA conducted the pilot for the new e4641 System in New York and New Jersey. We began the national rollout process in FY 2007 when we added the State of California. SSA currently implements the program in California, New York and New Jersey, plus the OQP offices nationwide. Approximately 3,700 individual financial institutions representing over 30,000 locations currently participate in the program, and each institution receives an average of 48 e4641 requests per year (as shown in the chart in #12 of the Supporting Statement).
When SSA requires financial account requests for SSI initial claims and redeterminations, SSA completes the automated version of the e4641 and sends it via a secure web site to the vendor. The vendor sends the e4641 request via fax or mail to some institutions and other institutions receive the request electronically via secure channels. We request first of the month account balances and the financial institutions respond to SSA via the vendor. All SSA responses are via the secure web site.
The web based e4641 System, designed by Accuity Solutions, processes financial account verifications for SSI applicants, recipients, and deemors in California, New Jersey and New York. The e4641 web form is a reproduction of the paper SSA-4641. Field office technicians access the e4641 System by logging onto the Accuity website using a secure logon PIN and password. Technicians generate a request by completing the electronic 4641 which includes the same information found in the paper SSA-4641. SSA transmits the information to the vendor who processes the verifications. The e4641 System stores financial institution responses. Field office technicians retrieve the responses from the financial institutions by logging onto e4641 System.
SSA and Accuity exchange information via a secure network. SSA utilizes a security protocol that secures all transmissions of Form SSA-4641-U2 data to prevent eavesdropping, tampering, or message forgery between client/server applications. All communications to the SSA e4641 System are secured by Secure Sockets Layer v3 (SSL v3) encryption or better, and consist of standard Hypertext Transfer Protocol Secure (HTTPS) interactions between browser and serve. Information exchanged between SSA and Accuity is always electronic, never paper-based or manual in method, and stored in a fully-redundant, encrypted environment.
Accuity provides comprehensive training to financial institutions prior to the institution being included in the e4641 process. Financial institutions have the option of receiving information via the secure network using the same applications as provided to SSA.
There is no unique "electronic authorization.” As outlined in regulations at 20 CFR 416.207, permission to contact financial institutions is a condition of SSI eligibility. SSA obtains financial permission from the individual during the initial application or redetermination. We record financial permission on the MSSICS AFIP screen or on the pertinent paper forms for non-MSSICS claims. The SSA-4641 captures the information we send to the financial institution (i.e. name, address, account number, etc.) and is provided by the SSI applicant, recipient, or deemor during the SSI application interview or redetermination.
SSA asks financial respondents to provide financial account information, specifically account titling and monthly balances on account detected for a customer. Institutions responding using the e4641 System benefit from having a single, centralized point-of-submission (as opposed to several hundred) eliminating the previous burdens and inefficiencies related to packaging and postage. We also reimburse the financial institutions up to $25 per request completed by SSA.
At this time, SSA is working on a final rollout plan for FY2010. The scope of the plan is dependent on funding we have not yet received. Once we receive the funding, we will submit a Change Request to update the burden information for the e4641.
| File Type | application/msword |
| File Title | Addendum to the Supporting Statement for Form SSA 4641 U2 |
| Author | 177717 |
| Last Modified By | Davidson, Liz |
| File Modified | 2009-12-04 |
| File Created | 2009-12-04 |