SSA's Public Credentialing and Authentication Process

Justification for the Non-Substantive Changes for

Social Security Administration’s Public Credentialing and Authentication Process

20 CFR 401.45, 20 CFR 402

OMB No. 0960-0789

Justification for Non-Substantive Changes to the Collection

The Social Security Administration’s Public Credentialing and Authentication Process (hereafter called “electronic access”) went live to the public in May 2012. This Information Collection Request was approved by OMB on 9/30/11. With electronic access, we established a mechanism for customers to create an account, obtain a credential and access our online services through a new Internet portal, the mySocialSecurity website. In addition, we introduced the registration and customer support (RCS) intranet application, which provides an interface for authorized SSA personnel to respond to customers’ requests for assistance with electronic access.

The Commissioner of Social Security has directed us to add language to the mySocialSecurity Terms of Service (TOS) to address computer safety, especially in public settings, warning users of the dangers of using public computers, including those at State agencies, libraries, etc. We want our customers to understand that they assume liability for the computers they are using to do business with us and that they should educate themselves about computer safety.

We are also adding language to our Sign In page to emphasize that the person signing in may only use the service to access his or her own personal information. We give examples to make it clear that a customer may not access another person’s personal information, even if he or she has written consent.

We have attached a package with the current screens and a package with the revised language and where we plan to place it on the Terms of Service screens. The present change request covers changes to the electronic access Internet application Terms of Service pages. We have scheduled these changes for implementation in April 2013.

Revisions to the Collection Instrument

Change 1: We are adding the following language as a final bullet to the Internet Signing In Terms of Service page (page 6 in the attached “revised screen” package).

“I assume responsibility for the disclosure of my personal information if the computer or other device that I am using to access the mySocialSecurity application does not adequately safeguard my information.  I also understand that Social Security is not responsible for the disclosure of my information due to my negligence or for the wrongful acts of others.” 

Justification 1: The Commissioner of Social Security has directed us to add language to the mySocialSecurity Terms of Service (TOS) to address computer safety, especially in public settings, warning users of the dangers of using public computers, including those at State agencies, libraries, etc. We want our customers to understand that they assume liability for the computers they are using to do business with us and that they should educate themselves about computer safety.

Change 2: We are adding the following language to the first bullet on the Internet Signing In Terms of Service page (page 6 in the attached “revised screen” package).

“Even with a person’s written consent, I understand that I cannot use this online service to access the records of a person:

• With whom I have a business relationship; or

• For whom I am an appointed representative.”

Justification 2: We are adding language to our Sign In page to emphasize that the person signing in may only use the service to access his or her own personal information. We give examples to make it clear that a customer may not access another person’s personal information, even if he or she has written consent.

Change 3: We are adding language immediately above the “I agree…” checkbox to the following four Internet Terms of Service pages:

• Remote Registration Terms of Service (page 3 in the attached “revised screen” package)

• In-Person Registration Terms of Service (page 4 in the attached “revised screen” package)

• Reset Extra Security Terms of Service (page 5 in the attached “revised screen” package)

• Add Extra Security Terms of Service (page 7 in the attached “revised screen” package)

The new header with the language reads:

“Who is responsible if the device you are using is not adequately safeguarded?

This is the text that follows the header.

“You assume responsibility for the disclosure of your personal information if the computer or other device that you are using to access the MySocialSecurity application does not adequately safeguard your information.  You also understand that Social Security is not responsible for the disclosure of your information due to your negligence or for the wrongful acts of others.”

Justification 3: The Commissioner of Social Security has directed us to add language to the mySocialSecurity Terms of Service (TOS) to address computer safety, especially in public settings, warning users of the dangers of using public computers, including those at State agencies, libraries, etc. We want our customers to understand that they assume liability for the computers they are using to do business with us and that they should educate themselves about computer safety.

Change 4: We are adding a link to OnguardOnline in the right-hand alley of these pages:

• Remote Registration Terms of Service (page 3 in the attached “revised screen” package)

• In-Person Registration Terms of Service (page 4 in the attached “revised screen” package)

• Reset Extra Security Terms of Service (page 5 in the attached “revised screen” package)

• Signing In Terms of Service (page 6 in the attached “revised screen” package)

• Add Extra Security Terms of Service (page 7 in the attached “revised screen” package)

Justification 4: The Commissioner of Social Security directed us to add this link to our Terms of Service pages as an education tool for our customers. The link takes the customer to an external page with detailed information about computer security and how to safeguard personal information.