tv House Hearing Focuses on ID Protection Efforts CSPAN June 2, 2017 7:26am-9:04am EDT
admiral, emmett policy, the five star admiral who won the war at sea. area carson-- ariel carlson. anthony coley, co-author of shattered sword the untold story of the battle of midway and timothy or, co-author of never call me a hero, legendary american guide bomber pilot remembers the battle of midway. watch the battle of midway 75th anniversary special live from the macarthur memorial visitor center from virginia today beginning at 9:30 a.m. eastern on american history tv on c-span3. >> next, efforts to reduce identity that by limiting the federal government use of social security numbers. we will hear from officials with the va, social security menstruation and the office of personnel management. this is an hour and a half year.
>> good afternoon and welcome to today's hearing on the federal government's use of social security numbers. unfortunately, chairman sam johnson was unable to be here with us today to discuss one of his favorite topics, ending the unnecessary use of social security numbers. i know everyone here joins me in wishing chairman johnson's speedy recovery. i would like to welcome chairman heard of the oversight and government reform committee's it subcommittee and all of the it subcommittee members for joining us in the ways and means committee hearing room today. back in 1936, when the
social security began issuing social security numbers they were only used to track earnings and administer-- administer the social security program. back then it wasn't much thought about keeping your numbers secret, but today's social security numbers are the key to the kingdom for identity thieves. social security and identity security experts make a point of telling americans how important it is to protect their numbers. social security numbers are valuable target for identity theft because of their regular use by both federal government and private sector as a unique identifier, especially by the financial industry. time and again we are reminded to protect our social security cards in order to avoid identity theft and it to be careful with what documents we throw away in the trash. our social security numbers are connected to so many personal aspects
of our lives from our social security benefits and finances to our medical histories and education. in recent years privacy concerns have become more and more critical. when i was in law school in the dark ages our grades used to be posted on the wall to keep secret whose grades they were by social security number. of course, they were posted alphabetically. [laughter] >> so, it wasn't that hard to figure out who was whose. in fact, one of my good friends in law school's last name was ziegler and he was the smartest guy in the class and always made an a and blew the curve so everyone gave him a hard time, but his social security number was always at the bottom of the list and i could probably recite his social security number. while colleges and universities have since changed their ways the federal government has
yet to fully catch up. over 10 years ago under president bush's leadership office of management and budget issued a memorandum for the safeguarding of personally identifiable information, including the social security number. the memo called for federal departments agency to reduce or replace the use of social security numbers across federal government. unfortunately, while some progress has been made in reducing the use of social security numbers, 10 years later there's still much work to be done. this hearing is about making sure that social security numbers are only used when necessary and that the federal government is doing what it can and what it should to make sure that when social security numbers are used and collected they are kept safe. the office of personnel management pack in 2015 is an example of what happens when the federal government collects social security numbers,
but does not keep them safe. that negligence can-- comes with a cost to both the affected individuals and the taxpayers. the american people rightly deserve and expect that the federal government protect their social security numbers and only use them when necessary. i think all of our witnesses for being here i look forward to hearing from you about how your agencies are working to tackle this challenge and what more needs to be done. i now recognize mr. larson for his opening statement. soundmac thank you, mr. chairman and we join with you and certainly wishing our dear friend and colleague sam johnson a speedy recovery and would like to add how fortunate we are on the ways and means committee to have to iconic american heroes serving on the
same committee when you think about sam johnson and his service to this country and all that he endured on the help of this nation. nearly beaten to death by the vietcong and then you think of john lewis and all he endured in this country, nearly beaten to death in his own country, so we have these two iconic legends and i'm so proud to serve with sam and was happy that he asked me to introduce within the social security must avert identity loss and/or hr 1513 that require social security ministration to remove beneficiary social security numbers from mail notices. mr. johnson as i think everyone on the committee knows is such an incredible gentleman. we have also taken every
opportunity in the subcommittee to renew a request a that i hope the committee will travel to plano, texas. will you be for that and that we have an opportunity to inasmuch as mr. johnson indicated this is his last term to have a meeting there in plano, texas, that would honor mr. johnson and the committee and this particular topic area that he so vitally is concerned about. i also want to recognize , chairman heard who is with us in the lead democrat, robin kelly for being here in our meeting room as well. since 2014, hundreds of americans have lost their personally identifiable information including their social security numbers to large scale cyber attacks. the number was originally created in
1936 for the purpose of running the nation's new social security system. however, its usefulness as a unique governmental identifier has made it near ubiquitous across government and the private sector. today, social security administration hasn't suffered any large-scale data breach, but ongoing vigilance is needed including adequate support for updating and modernizing social security and ministration it structure altogether social security ministration has been able to remove the nine digit from about one third of the mailings it to sense out moving forward then committed to removing them from the remaining notices wherever they revive-- revising notice which requires computer upgrades. the severe constraints on social security administration budget are preventing the agency from removing numbers from all notices right away as they
estimated it would cost 40 million to do so immediately rather than piecemeal. more alarmingly, since 2010 the number of beneficiaries has grown by 30% as a baby boon or-- boomers enter retirement, but social security's operating budget has fallen by more than 10% in that same time. social security administration civic cannot serve more and more people with less and less money each year. social security administration is struggling to serve its beneficiaries at the level they deserve. my constituents are experiencing multi- year wait times on disability appeals and hearings. of their phone calls are going unanswered. of a face delays in correcting errors and benefits and payments. to make matters worse the president's fiscal year 2018 budget
released today also a tax social security benefits for those with disabilities as much as $70 billion over 10 years. mr. chairman, i would like to submit for the record the 13 times that donald trump promise not to cut social security medicare and medicaid. president trump has promised repeatedly and explicitly throughout the campaign not to cut social security or medicare. this broken promise should be especially alarming to millions of people who voted for the president who spend their working lives paying premiums into the system believing those benefits would be there for them in retirements and-- or should they become disabled. bottom line is this, social security is the nation's insurance program. it is not an entitlements. it is the insurance that individuals have paid
for throughout a lifetime. the problems with social security at its core, this issue we are taking up-to-date especially as it relates to theft is vitally important to protect people's identity. equally important and the responsibility of this committee is is actuarial soundness. this is the most efficient government operated program in the history of the nation. ask any private sector insurance company if they could have a 99% lot-- loss ratio. they would die from that and there is no product on the open market where you could produce old age and survivor benefits, disability and pension planned as survivor benefits that's unique to his of social security. that's why it's america's insurance plan that our citizens have paid for. this is not an entitlements and we will
continue to make that point. i hope later this year mr. chairman, and mr. johnson has been very gracious about saying that we will get opportunity to have hearings on our bills that we will look at expanding and making solvent well into the next century social security for all of its american citizens if the nations insurance program. >> thank you it and i recognize mr. heard for his opening statements be met thank you, chairman. for the two years plus i've been in congress i've learned americans expect the federal government to protect their personal information. sadly, by the devastating data breach at opm which affected more than 20 million people this is not the case. american people deserve better from the government.
we know social security numbers can be used to perpetuate identity except or worse. you never know what a piece of personal information, the bad actors need to achieve their goals whether they are looking to steal my threat to national security of our nation. oversight committee held a hearing on the data breach where bad actors hacked into the department of education and still income information and used that information to file fraudulent tax returns with irs. ball of the agencies appearing before as collector retain a welcome information-- what of information on americans particularly social security numbers and it's essential we reduce the use of social security numbers both unprinted forms and electronically. tomorrow the house is scheduled to consider the social security number fraud prevention act of 2017 which was passed out of committee and prohibits agencies from sending social security numbers by mail unless the head of the agency do is it absolutely necessary. the social security administration has over 175 million wage earners and records on pretty much everyone living and
dead with a treasure trove of information. veterans administration has held records on over 8 million veterans and their families. i can imagine few other records as infamous as an individual's health record. the va currently uses social security numbers as a patient identifier. protecting these numbers is important for all americans are given social security numbers are frequently exchanged with their most at risk members of society such as seniors, disabled and veterans we must take the most prescient to prevent the unnecessary risk of exposure in these populations. one of the recommendations out of the committee investigation of the breach was that agencies reduce their use of social security numbers to medicate-- mitigate the risk of identity theft and as agencies undertake this transition it is essential they rethink how they use, collect, store social security numbers. all pieces of personal information they connect -- collect. i'm proud to be here
today with my colleagues to examine what is working and what we can do better and today i hope to learn more about whatever is the federal government is taking to reduce its collection and use and storage of social security numbers and thank you for being here today and i look forward to hearing from you. >> i now recognize ms. kaylee for her opening statement. >> thank you, chairman. thank you for holding this important hearing. originally created to turn the earnings of individuals and determine eligibility for social security benefits the social security number has become the principal method used to verify individual's identities, but the police raised other use poses challenges to data security and identity theft protection. in 2007 when the office of management and budget recognize reducing the use of social security numbers that agencies could reduce the risk of identity theft, 10 years
ago this week omb mate issued a memorandum to reduce social security numbers. on the 10 year anniversary of the guidance of the opportunity to examine the challenges that have a stymied agency's efforts while from those agencies who have had success. the social security administration no longer prints social security numbers on statements, cost-of-living notices or benefit checks. centers for medicare and medicaid services is in the middle of efforts to remove the numbers from medicare cards by april 2019. likewise, the department veteran affairs has ceased produce social security numbers on prescription bottles certain forms and correspondence and is working to find alternate means of identification maintaining patient safety while reducing visibility of social security numbers on patient wristbands. these concrete steps
represent real progress and i commend the agencies on their work so far, but barriers that still exist for full implement-- implementation and one of the barriers is the lack of strong coordinated approach. gal found the 2007 memorandum didn't define and yes-- unnecessary user outline requirements are as a result, many agencies were vague subject to varied interpretation over the years. additionally, 0mb didn't require agencies to update their inventories of social security number collection points making it difficult to determine if agencies were reducing collection and use. omb must provide clear directive in two agencies. in addition to poor coordination by omb federal efforts to reduce social security numbers use have faced other challenges. agencies are statutorily
and legally required to collect social security numbers for identity. social security numbers remain the standard for identity verification across government programs. omb really took steps to address this issue by working to create an alternate identifier in 2008 and again in 2015. a lack of proved a funding for these efforts from going forward and until congress are-- defined the requirements significant reductions of social security numbers used seems unlikely. outdated legacy it systems also cause agencies to struggle to obtain reduction goals. agencies don't have the funds to replace these systems and start a new. of this committee has spoke at great length about the need to update the federal government it infrastructure and we must put our money where our mouth is. i'm concerned across-the-board budget and personal cuts
proposed by the trump administration will take us in the opposite direction to make it harder to a college our social security number reduction goals. i hope of my colleagues will keep this in the need to protect americans from identity theft in mind as we discuss fiscal year 2018 budget proposals and i look forward to hearing from eyewitnesses today and they yield that the balance of my time. thank you. >> as is customary any member is welcome to submit a statement for the hearing record. before we move on to our testimony today, i want to remind our witnesses to please limited their oral statements to five minutes. however, without objection all of the written testimony will be made part of the hearing record. we have five witnesses today. seated at the table are gregory wilshusen, security issues government accountability office. marianna lacanfora, acting deputy commissioner, offices--
office of retirement and disability policy social security administration. david devries, chief information officer, office of personnel management and karen jackson, deputy chief operating officer centers for medicare and medicaid services and finally, john oswalt, executive director for privacy, office of information and technology, department of veteran affairs. welcome to you all and thank you for being here. pursuant to the committee on oversight and government reform rules all witnesses will be sworn in before they testify. please rise and raised her right hand. do you solemnly swear or affirm that the testimony you are about to give will be the truth, the whole truth and nothing but the truth is so help you god please be seated.
mr. wilshusen, welcome and thank you for being here. please proceed. if i butchered your name, sorry to make you did perfect. thank you. members of the subcommittee, thank you for inviting me today to testify at today's hearing on executive branch efforts to reduce the unnecessary use of social security numbers. my statement is based on our draft report on federal efforts to reduce the collection, use and display of these numbers. we have provided a draft report to join five agencies for, and we anticipate issuing the final report later this summer after we receive agency comments. before i begin, if i may, i would like to recognize several members of my team were instrumental in developing my statement or performing the work. with me is john who led this work and quentin
dorsey. in addition, andrew baggs, shawnees, dave, priscilla smith and scott bettis made significant contributions. beginning in 2007, omb, and the social security administration undertook several actions aimed at reducing or eliminating the unnecessary collection and use and display of social security numbers on a governmentwide basis. however, these actions have had limited success. omb issued guidance to eliminate or masked social security numbers use. and also promulgated a draft regulation to limit federal collection use and display of social security numbers, but withdrew the proposed rule because no alternate federal employee identifier was available that would provide the same utility. in 2007, omb required
agencies to establish plans for eliminating the unnecessary collection and use of social security numbers. omb also began requiring agency reporting or reduction efforts as part of its annual reporting process here in 2007 the social security ministration developed on online clearinghouse on agencies best practices for minimizing the use and display of social security numbers. however this clearinghouse is no longer available. at the individual agency level, each of the 24 cfo agencies report taking a variety of steps to reduce the collection use and display of social security numbers. these steps included developing and using alternate identifiers, masking, truncating or blocking the display of these numbers on printed forms, correspondence and computer screens and filtering e-mail to
prevent transmittal of unencrypted numbers. however, agency officials noted that social security neighbors cannot be completely eliminated from federal id systems and records in part because no other identifier offers the same degree of universal awareness and applicable he. the-- they identified through other challenges. first, several statutes and regulations require collection use of social security numbers. second, interactions with other federal agencies and external entities require the use of the number. third challenge pertaining to technological hurdles that replace the number systems. reduction efforts from the executive branch have been limited by more readily addressable shortcomings. lacking direction from omb, many agencies reduction plans didn't include key elements such as time frames for performance indicators
calling into question the plan to utility. in addition, omb is not required agencies to maintain up-to-date inventory of social security number collection and has not established criteria for determining when the number use or display is unnecessary. leaning too inconsistent determinations and definitions across agencies. omb has also not ensured that all agencies have cemented up to date progress reports and has not established performance metric-- metrics to measure and monitor networks efforts. in our draft report we are making five recommendations to omb to address these shortcomings. until omb and agencies adopt better and more consistent practices the reduction efforts will likely remain limited and difficult measure. moreover, the risk of social security numbers being exposed and used to commit identity theft
will remain greater than it need be. chairman, chairman hurd, ranking member's larson kelly, this concludes my statement and i would be happy to answer your questions. >> think you serve. ms. lacanfora, welcome and thank you for being here. >> acting chairman rice, chairman heard, ranking member larsen, ranking member kelly and members of the subcommittee, thank you for inviting me to discuss the history of the social security number, of the social security administration uses it in efforts to reduce the number's use i am acting deputy commissioner for retirement and disability policy. through the rich history surrounding the social security number those responsible for implementing the new social security program understood that crediting her teens to the individual would be critical to the program's success. names alone would not ensure accurate reporting. accordingly, in 1936 we
designed the nine digit s sent-- ssn to allow employers to accurately report earnings. since the program's inception we have issued around 500 million numbers to eligible individuals. that ssn continues to be essential to how we maintain records and without it we couldn't carry out our mission. however, the ss and an ssn card were never intended nor do they serve as an indication. we encourage other agencies and the public to minimize their use. we also provide electronic verifications of ssn to their federal and state partners to prevent improper payments. in 2016, we performed over 2 billion automated ssn verification. although we created the ssn, its use has increased by other entities overtime. 1943, executive order required federal agencies to use the ssn,
advances in computer technology and data processing in the 1960s further increase the use. congress also enacted legislation requiring the number for a variety of federal programs. use of the ss and group, not just in the federal government, but throughout state local governments to banks, credit bureaus, hospitals, educational institutions and other parts of the private sector work as use of the ss and has become more pervasive so has the opportunity for missy's. we taken numerous measures to protect the integrity of the ssn. in 2001, we remove the full ssn from two of our largest mailings, social security statement and social security cost-of-living adjustment notice. these notices account for about a third of the roughly 352 million notices that we send out each year. in 2007 omb issued a memo requiring agencies to review their use of
the ssn and identify unnecessary use of the number. we recognize that although we need to ssn to administer our program we could and did refine all of our personnel processes to reduce reliance on the number. still, we recognize we need to do more. two thirds of our notices have the social security number. are notice infrastructure is complex with about 60 different applications generating notices and every notices created to respond to an individual's unique circumstances. nevertheless, we are committed to replacing the ssn with a beneficiary notice code or began to see as we modify existing notices or create new ones. is a secure 13 care for all for numeric code helping our employees identify the notice and the beneficiary and respond to inquiries the. we initially developed that bnc for use of the
cost of living adjustment notice and next year we will replace the ssn with the bnc on benefit verification letters as well as the appointed presented them in social security post and how. together these mailings account for 42 million annual notices. we take great care to protect the integrity of the ssn and the personal information of the public we serve. thank you for the opportunity to describe our efforts and i would be happy to answer any questions. >> thank you, ms. lacanfora. mr. deliveries, welcome and thank you for being here. please proceed. >> thank you for the opportunity to appear before you today to represent the office of personal management with the respect to reduce social security number use as a personal identifier. in 1962 the civil service commission adopted the ssn to identify federal
employees and over time it became universal thomas every piece of paper or it's a digital form in a federal employees personnel file. became a de facto personnel identifier. the ssn was used for personal action to record training, request health benefits and other purposes. in 2007 omb issued guidance to develop measures for use in safeguarding of a federal employee ssn. the intent of these measures was to minimize the risk of identity theft and fraud in two ways. one, by limiting the unnecessary use of ssn as an identifier and strengthening the protection of personal information including ssn from theft or loss. examples were in eliminating unnecessary printing or display of the social security numbers on reports and restricting access of ssn to only individuals who had a need to know.
we also included privacy and confidentiality statements to go along with the-- we came up with how do you mask it or take the social security numbers out of the forms itself. omb we examined our policy with the respect of the use of ssn and in 2012 issued an addendum. it identifies pieces of the ssn. this internal policy addendum notes that the use of the ssn is only those provided by law, executive order, or are required by operational necessity to achieve agency mission. for example the ssn is a single identifier consistent across the security investigation process and may be necessary to complete an individual's background
investigation, but is now protected in transit and storage. zero-- omb has taken other efforts to reduce the ssn. either collects ssn from applicants and we also undertook in effort in 2016 to understand maintain ssn and how to communicate those to communicate with other programs strict the inventory was completed in 2016 and we are now using it to validate progress made and identify other opportunities. we are updating the 2012 policy this year. it's difficult to completely eliminate the federal use of ssn without a government wide coordinated effort and dedicated funding. ss ends are generally the column-- comment on that among agencies. in the fall 2016, omb to
reduce the use of ssn and many government systems and programs. it sought to facilitate the information to identify records and initial proof of concept shows potential for continued his studies. members of the subcommittee, thank you for having me here today for discussing our role in for your interest and support in this important issue. safeguarding our federal before he and others information we hold is of paramount importance to omb and i would be happy to answer any questions you have. >> thank you. ms. jackson, you can proceed. >> chairman rice and heard, ranking members larson and kelling and members of the subcommittee, thank you for this opportunity to discuss the centers for medicare and medicaid services work to
safeguard the personally identifiable information of the beneficiaries whom we serve including our ongoing work to eliminate use of the social security number on medicare cards. this effort is important step in protecting beneficiaries from becoming victims of identity theft. one of the fastest growing times in the country and as we all know identity theft can disrupt lives, damage credit ratings and result in inaccuracies and medical records. offense to congressional leadership and in the tickler chairman johnson and members of the ways and means committee and based on the recommendations of our colleagues from the government accountability office cms will eliminate the social security number -based identifier on medicare cards by april, 2019, as congress directed us as part of the medicare access and reauthorization act of 2015. we very much appreciate congress providing us with the resources necessary to undertake
this project. beginning in april, 2018, all newly enrolled medicare beneficiaries will receive a medicare card with a new medicare beneficiary identifier. at the same time, cms will begin distributing the new medicare cards to our current beneficiaries. this new medicare number will have the same number of characters as the current 11 edition social security number base, health insurance claim number, but will be visibly different and distinguishable. with the introduction of the mpi for the first time cms will have the ability to terminate a medicare number and issuing a number to a beneficiary in instances where they are victim of identity theft or their medicare number has been compromised. transitioning will help beneficiaries better safeguard their personal information by reducing the exposure of their social security numbers.
cms has already removed the social security for many types of our communications including medicare summary notices mailed on a quarterly basis. we have prohibited private medicare advantage plans and medicare part d prescription drug plans from using social security numbers on their enrollees insurance car. many people wonder why it's used in the first place. when the medicare program was established in 1965 it was actually the social security administration who administer the program. while cms is now responsible for management of medicare, the social security ministration still enrolls beneficiaries and both cms and the social security administration rely on interrelated system to coordinate eligibility for medicare benefits and social security benefits. currently, healthcare providers use the chicken when they submit claims in order to receive payment for
healthcare services. cms and his contractors use the number to process this play them to authorize payment and issue some beneficiary communication here we are in the process of making changes to over 75 of our affected systems to replace those systems indicator with that m vi and we have developed software that will generate numbers that assign them to beneficiaries and we are working with key partners and other key stakeholders. there are a lot of them, to ensure beneficiaries return to receive access we are implementing an extensive and phased out reach an education program for the estimated 60 million beneficiaries who will receive new cards as well as providers
private health plans, clearing houses and other stakeholders. this fall we will tell benefit-- medicare beneficiaries that they will receive a new card. we are also working to make sure providers and other physicians and other healthcare providers are prepared to serve patients throughout the transition by creating information for providers both for them to update their records with the new number and also for them to help remind beneficiaries that they need to bring their new cards with them when they see their doctors. we know from other successful large-scale implementation that helps to allow time for all stakeholders to adjust to the changes and so beginning in april, 2018, when we begin to mail out the cards cms will have a 21 month long transition period during which our system will accept transactions both containing the numbers. throughout our program
we are committed to safeguarding personal information, redesigning the medicare card to remove the social security number -based identifier is a important step for cms and helping to a call-- combat identity theft. thank you very much for your interest in our progress today and i look forward to answering your question. >> thank you ms. jackson. mr. oswald, thank you for being here. you can proceed. >> good afternoon chairman rice, chairman heard, ranking member larsen, ranking member kelly and distinguished members of the committee thank you for this opportunity to participate in this hearing. vgas mission is to serve with dignity and compassion america's veterans and their families and is contingent upon accurate and timely information readily available.
if we advocate for veterans and ensure they receive the medical care , benefits, social support lasting memorials they have earned in service to our nation va must properly identify, verify and coordinate this information. that apartment interfaces with many other federal agencies including, but not limited to the department of defense, social skidding ministration, internal revenue service and the department of education. va primary use of ssn are threefold, one locate veterans and defendants to ensure correct identification associated with the delivery of healthcare and services. identify employers for employment record-keeping and three, ensure 100% actually-- accuracy of patient identification. mistaken identity and delivering healthcare can result in catastrophic outcomes and until such time we compress it means to do so is established and implement the use of ssn
remains the best means of ensuring patient education. in addition, ss and must be used and required by law or regulation for purposes such as background information, income information and matching of computer records between government agencies. elimination of ssn use is not solely a function of information technology it, business process used by the veterans health administration, veterans benefit administration nba offices require a complete overall on how they establish absolute identity verification inside va and outside va. it solutions to eliminate ss and use can only occur after integrated and compress a review of ss and use an interconnectedness is complete. va recognizes the growing threat posed by identity theft and the impact on veteran defendants and employees. 2009 the va created and implemented that are--
social security reduction effort. the goal of ssn offers to catalog ssn use leading to the reduction and elimination of the ssn at the va's primary identifier while maintaining the 100% requirement for proper veteran patient identification. for example, eha has eliminated the full ssn use on letters, routine correspondence. va mail out pharmacy has eliminated the ssn from prescription bottles and mailing labels. as a whole, va has removed ssn from several forms were such use was deemed an unnecessary. vba is modified to replace ssn with barcode labels on all outgoing correspondence and completion of that effort is expected in november, the share. as ba migrates away from ssn use the office of information technology
is collaborating with stakeholders to continue expanding the use of the master veteran index, veterans their beneficiaries and other eligible persons. it serves as the authoritative identity source within va and generates and assigns integrated control number for each veteran. the use of this number as a unique identifier continues to expand with the ultimate goal to replace the ssn as a primary identifier. there are many challenges facing va regarding the elimination of the unnecessary collection and use up. this includes enterprisewide system analysis that needs to be conducted to find and identify the large volume of interface systems that the va needs for clinical care and functions. undertaking a robust education and retraining program for employees to implement any new identifier. this has begun, but will take time to integrate fully.
acceptance by the veteran community, the change of this magnitude across the system will require substantial outreach and education. va has made several progress towards illuminating than unnecessary use of ssn and continues to reduce the use of ssn with the goal to replace it with alternative primary identifier. this concludes my testimony and i'm prepared to answer any questions you or any other members may have. >> thank you mr. oswald. we now turn to questions and as is customary i will limit my time to five minutes and ask my colleagues to also limited their questioning time to five minutes as well. mr. oswald, what to start with you. you were just speaking of the hurdles that the va has to cross to eliminate the social security number and how critical it is we make sure we identify each patient, their lives are
in the balance and to make sure they get the right medications and so forth. you were saying as a replacement for the social security number you had started implementing and icn. what you didn't tell us is how long it will take to get that done. what would be your best estimate for when you can get that done? >> well, the registry of all certain types of identifiers has been in place since 1999-- >> so, you don't use of social security numbers anymore? >> we do, but its use as a primary identifier is still in the va processes. the icn is generated by the all special the information that is collected, so using that icn as a means to identify a veteran as their information traverses the system or a machine talking to machine, that has happened to a large
extent already. is primarily the ssn use is when there is a human to human interface between a clinician in a patient. >> do you still have their social security numbers are in their little wristbands? >> yes, sir, we do and there's an effort underway to believe on a pilot level right now we are seeking to eliminate the full ssn with the goal of the complete elimination and there is also a barcode-- >> any timetable for that? >> sir, i would have to take that and provide that for the record because i'm not aware of the projects status. >> thank you, mr. oswald. ms. jackson, your testimony was interesting and you said by 2018 you will illuminate the social security number from the medicare number. you are moving at lightning speed for the federal government. thank you for your efforts. mr. devries, you said something interesting. you have stopped collecting social security numbers for applicants for
employment of the federal government? >> correct, sir. when an applicant is going to enter or wants to come into the government and they go to the sites we no longer collected that social security number from them at that time. >> when do you collect their social security number? >> once we match up the job applicants against the job postings and the agency takes that referral list and list of applicants and narrow it down and make the final selection. when they bring that person on to make them an employee offer is when the agency hiring them collects that from them then. >> i know they would use their social security number for tax withholdings and such, what else would they use their social security number for when they were looking to hire someone? >> mostly that it's your status of employment and then the benefits that come with it whether it's pay and reported back to the irs and
social security side. >> do you do criminal background checks? >> once you become an employee and if your position requires that when you submit in than it would also be the primary use as similar to what we do, once it gets into the background investigation system that it's a different number that becomes the controlling number for it. >> since this massive hacking that occurred several years ago, i assume you have implemented a lot more protections to prevent that from happening again. >> yes, sir. >> ms. lacanfora, gosh, amazing statistics. did i hear you correctly that you verify 2 billion requests per year? >> 2 billion verifications, yes. >> wow, so that would be like six for every single living person in the country. >> s, and it's worth noting more than half our federal and state
agencies verifying and that can happen multiple times to write a year they are processing for example an application for benefits. >> omb has required agencies to limit the unnecessary use of social security numbers, but they never defined what necessary use is. out of each of your agencies defined necessary use. i will start with you, mr. wilshusen. the microphone. >> actually, i don't know how my agency has defined unnecessary use. what we did in terms of our audit of the other agencies is determined to what extent they have identified how they use and what we found out at the 24 agencies is that a number of them like for i believe has-- did not even define what a necessary use is in another eight didn't really have it
documented or did not have a formal definition, but rather compared it to bases on the judgment of the individuals who are making the particular assessment of social security use. >> thank you, sir. mr. larson. >> into mr. chairman and i want to thank the witnesses again. what a credit to government service you are and i thank you for being here today and just a couple of questions. first, it's got to be incredibly hard to operate on agency that is the largest insurer in the nation. to do so with a 99% loss ratio, the envy of any private sector insurance company. kudos to you, not without its problems and complexities, one of
which we are exploring here today in terms of making sure we get away from fraud and abuse and as we have said anyone who abuses this system ought to get the ultimate penalty and i'm all for strengthening anything we can do to further crackdown on this, but we heard in your testimony today is a couple things that strike me. number one, you know, we have a 13% increase overall with baby boomers coming through the system and yet you have had a 10% overall cuts in your budget. one has to ask, how were you able to manage with these increases in the complexity of the problems you face including hacking? listen, i'm one of those people that would also concur that you don't always, you know, cuts in service if they are replaced by technology that is current can
overcome those things, but it seems to me like you are also saddled with legacy of it that needs to be updated and improved and yet there aren't the resources that we funnel you to do that. is that a fair assessment? >> you have cited some of our challenges, yes. i will mention, though, that we are embarking on a ambitious it plan. we know we cannot continue to operate the way we are. >> when you say you are embarking on it, you have the money for it? seems like a lot of the concerns we are confronted with especially in the area of veterans etc. and i noticed the wristband concerns brought up in terms of identification, then if we have the resources and certainly we have the technological capability , why wouldn't we protect what is the governments leading
program to protect and assist its citizens? >> do you need more money? >> i think our budget folks are coming up to brief you are staff on 18 budget, but i will send 18 budget attempts to balance service and stewardship as well as improving the efficiency with which we operate. the plan i mentioned is something that we are looking forward to advancing and we are considering that to be agency priority and we will dedicate the funding to support that. part of that will help us to modernize art in touch-- our structure and remove the ssn from remaining notices. >> with very alarming to us and i know that my call is on other side of the aisle share this as well is that we know how vital this program is to all of our citizens. we know when everyone can attest to go long way time disability in terms of processing claims. it seems innate country
as gifted as we are with it this ought to be something that we should solve rather easily, so it's further frustrating when we can sin-- continued to see cuts in the budget and quite alarming today when we have the president's budget revealed with about a 70 billion-dollar cut in social security, which to me is unconscionable especially given the presence previous statements about preserving and saving if not expanding these benefits to keep pace actuarially where they should be from where we were in 1983 when we actually last looked at this from a business actuarially sound physician. i really believe that we can close in a lot of these gaps with appropriate technology and assistance from the rank and file who i would also note
according to testimony in previous hearings that frontline members in social security offices that are best line of defense against fraud and abuse in ways. they don't get enough credit and continuing to cut the budget instead of looking at investments in both it and where we can be more efficient and successful i think is where we need to go. thank you. >> to clarify, the president is not talking about cutting benefits. he's talking about cutting administrative costs. >> thank you, mr. chairman. forgive me, who would be the most technical of all of you? all right. i need you to work something with me and correct me if i'm not here he is something correctly i have a bnc. i have that uid, nbi, icn, are these all on a
common registry that-- derivation table that you tag in technology and you pull back and had? >> no sir. >> in the case, forgive me and will, i've only been reading the testimony and things here, but what i see is absurd technology wise. without a common central token system, forgive me , but if you use apple pay here, apple pay doesn't hold your credit card number. its creates a one-time use token. the token hands-off, matches, matches the number and reflects back. you all have it budget. you are trying to solve a problem, but in many ways-- i need you to walk me through. is my fear that the
problem may have gotten worse because i have the ba now with one set of numbers and medicare with a different set of numbers, omb with a different set and i will have social security with another blind identifier. have we just made the problem much worse at least for the customer service aspect? clecs are, if i could let me address that. what you just heard here was exactly the case. we took the one common field, nine digit social security number that grew up for decades, became ambiguous in every form we filled out and then said we can't show that and went to cut the use of that where it's not publicly used. i came from several years inside dod and wind-- when i become a dod member i become a veteran and i get a different number. on the civil servant and i get a different number yet, so how do we unite that and that's where we
need that unification at the top to drive the standardization because it the end of the day i still need to tie the different benefits that come back from the various employment-- >> does everyone see what i'm observing is we may be actually in our attempt to blind these numbers crating and other cascade effect that will create another level of complication and that is when my veteran in the house are working on-- they are also dealing with social security dispute that may be wanting to go back to work for the federal government at the park service and now i have a handful of different numbers. off the top of my head and i'm on the edge of my technical expertise, i could come to you right now and whether it be a ledger model like some sort of common tokenization, where i had this number, i get the hand often would get
a constant match. it wouldn't stop you off from doing what you are doing, but we would have to build a common unified clearinghouse data system that would reflect the numbers and hand back the one time use token. but, that may be a unifying solution to solve a number of our problems, which i can take you other way to to social security earned income tax credit fraud and a whole number of other things that it could help on. and my way out of my league here from your area of expertise? m i seen a unifying problem here? >> you are correct, sir. in my opening remarks i talked about the program unique identifier and the concept was to keep the social security number as the gold place, protect that, surrounded, but don't bring it out and then you have programs so each of these could be a unique program and they would have structures to their number scheme and
they own the number scheme is just like we talked about today, but then it gets associated back to it and that's what gets shared out. >> if the medicare-- medicaid card is lost we give them a new one. >> so when everyone uses a medicare benefit they have a chip card that handed out a new token, but this time i type in the unique number and handoff-- it may be worth a conversation for those interested in this technology. maybe as the committee here we need to sort of -- it will take some resources, but there has to be a unified theory to get to to make this simpler and i yield back my time. >> thank you. ms. kelly. >> thank you, mr. chair. social security numbers have become used as the principal method of identity verification across agencies. how about, the very fact
makes them a lucrative target for identity thieves. mr. wilshusen, you testified that ssn is particularly risky because they can quote connect and individuals p i i across many agency information systems and databases. can you explain how the widespread use of social security number increases the risk of identity theft? >> certainly. one of the reasons is that it's available and if not properly secured and our work on information security and federal agencies when we looked at the examination or examined security controls over the agency's information we often found that the security controls are not affected to the extent to where they can adequately protect the confidentiality, integrity and availability of the information and systems at those agencies, so by having source of social
security number in a particular agency and if it's not adequately protected than that information can be used, not only for that agency, but can be used as an identifier for that individual at other agencies and in the private sector as well, so just last year, fiscal year 2016 agencies reported about 8300 incidents involving pii for fiscal year 16. it's a present problem. >> how could the use of such an alternate identifier reduce the risk of identity theft? >> well, for one it may limit to the extent to which an alternative id may be used to identify that individual with other databases and other entities, so it's an opportunity to limited the extent that the identifier can be used across very different organizations. >> you talked about in
your testimony no such identifier was available. can you expound on that? >> well, that's when that's not universally has accepted and applicable as the social security number. we did report that in certain instances in certain organizations including like dod and va where they have started to use an alternate identifier other than social security numbers to provide for their members and that require one. >> despite omb failure to implement an alternate 2008 agency started initiative in 2015 to provide an alternative way to identify government systems. mr. devries, is that correct and can you elaborate on that? >> ..
business and not the financial institutions and the other ones. question is how do we work that thing not only in federal agencies but then down to agencies that report into us and also to the state and local government because everything is coated into the various programs. the social security administration talked about the numbers of systems she has. they keep on exploding when you go town to the state and local government, all those have to be linked together at some point in time. i think we can take it one phase at a time. are you worked for the state of illinois and the same issue there. i wonder if states change it on their own one by one or how does that work? do they decide to make changes, because i think before i left they did make some changes because they had social security numbers on everything. >> i will let me esteem colleagues talk here, but then the department of defense, we moved away from social security numbers on all of our d cards
and so far, that did not happen overnight. and then enforcing it. >> thank you, ms. kelly. mr. mitchell. >> one of the things i haven't seen reference is the use of social security numbers and the hacking that goes on in the irs. it probably won't surprise you to know that i among and millions had social security number hacked and you get a pin number mailed so you can file your taxes, do you know what happened this year on that? >> i understand that those pin numbers were also compromised to some extent. >> they were. i didn't get a pin number. i can only begin to describe to you the entertainment of trying to file my taxes as well as i don't know how many million americans when, in fact, they don't have pin numbers that work
either and they can't file electronically or any other way with their social security. the point i want -- the reason i raise it is if, in fact, rather than independent agencies creating their own identifiers, a pin number, all the acronyms, i don't know if anyone is watching this but most americans eyes are glazed over acronyms. a token system and i'm shocked that there hasn't been substantial conversations as to why we don't have centralized process and create a token for not only benefits but when they pay taxes. why is that not more active effort at this point in time rather than individual efforts? >> i think that's definitely a possibility in everything but i think you also talk upon that the fact that these numbers regardless of their providence,
if you will need to be protected by agencies and systems and we have found traditionally that security controls over agency systems needs to be improved. >> oh, i wouldn't disagree with you one bit. you have two issues, the user using it and the agencies securing it and those are two separate dilemmas and the problem where we seem to be making one harder by issuing different kind of identifier which in the case of the irs that was compromised as well. so what's to prevent being compromised as additional effort we have made rather than have encrypted token base system that allows you to do that. that technology has existed in the private sect or for a fair amount of time. i would encourage the agencies to begin actively and we should talk about it,, mr. chair, a token system that's encrypted and at least that protects in the user end.
if i can, before my time runs out, i was looking through your testimony, returning late from the floor, i apologize, there's notations that troubled me a bit. va is currently evaluating the elimination of social security and -- in correspondence. i'm trying to find a way to respond on that. how nice that they're evaluating that. how long does it take to evaluate that? >> a number of correspondents and forms generally have been scrubbed. if there's a compelling business need for it, we -- it would remain. we have an ss in number review board that reviews things from a department standpoint. i can't attest right now. i can submit it for the record what forms and correspondence and as i said in oral testimony
-- >> let me ask for the record did you submit the numbers of forms, correspondence and the justification for the record because i don't understand why it's on correspondence that we put the social security number on there and, in fact, you put the whole social security, my goodness gracious, guys, question number two, a comment about social security number being on wrist bans, now, my guess is everybody in the room has been to the hospital for one purpose or another to a lab and you get a wristband. i haven't seen a social security number at a wristband in a medical institution in close to a decade, maybe seven years. why in the world would you still put it on when they're hospitalized? >> there's a bar code at ss, in that allows clinician to talk to a machine to the bar code. that's useddation -- used as a patient identification. i think i mentioned in the
testimony, there's a pilot in va sites where we are using the last four, eventually we will move away from the full human readable ssn and the integration control, icn will replace that. >> thank you, mr. chair. thank you, sir. >> thank you, mr. mitchell. >> thank you, mr. chairman, thank you for having this hearing. ms. jackson, i sat on the ways and means health subcommittee. we had extensive conversations with the social security agency about the process for removing social security numbers from medicare cards. hearing again about this process is enough to make your head spin. at the time, we had this
dialogue. it was quite clear that social security quote, unquote, did not have the funding to do this. that's what you said to us. now, can you explain how, what seems like a pretty simple task of removing the social security numbers from medicare cards could be such a challenge that cms's to the system that you used in terms of information technology. >> thank you very much for the opportunity to speak to that. we at cms have been looking into the removal of the social security number of the medicare card for a number of years but it was not until congress gave us the resources to be able to implement the system changes
both in our internal systems and also in the data exchange and the updates that we must do with the social security administration with the railroad retirement board who also used a hick and base identification card updating information in our internal systems as well as informing providers and health care providers and medicare beneficiaries of need to use card when they provide health care on provider side and for billing purposes and also when a beneficiary goes to receive care from a doctor or hospital. to move forward with implementation of the medicare beneficiary identifier, we have made system changes over the past couple of years. we hit a major milestone this past weekend in assigning new medicare beneficiary identifiers to all medicare beneficiaries
which now will allow us to begin the testing process with all of our systems and our data exchange partners to then be able to mail the card and begin the transition period. we expect to have this completely implemented by april of 2019 with the beginning of mailing of cards in april of 2018. the transition period for us is very important so that all stakeholders are able to receive the new mbi and submit bills and claims using the new mbi and to assure that health care is still available and provided to medicare beneficiaries. >> and new identifiers would be the same number as the past? >> no, the new identifier, it's an 11-digit code but it is an alpha numeric code that was randomly assigned when we did the numberration and does not
look like health insurance claim number. >> you proved that it could be done and the system will be complete in 2019. >> that's correct. >> am i correct in saying that? that's pretty big. and you're standing by that? >> i am standing by that. we will actually be ready to receive the mbi of claims submission of 2018. >> thank you. in your testimony, am i pronouncing that correctly, sir? >> yes, sir. >> you stated that it's difficult to completely eliminate the federal use of social security numbers without a government wide coordinated effort and that dedicated
funding, that's what you said, right? >> yes, sir. >> okay. can you explain how lpm would use additional funding to try to achieve the goal of limiting the federal government's use of opm numbers? >> federal retiree with the social security and the irs for tax purposes there, the underline would still be coated and exchanging through the social security number. the communication that goes through the federal retiree benefit is a different number. that's how all action is tracked back to you. >> mr. chairman -- >> i'm sorry.
>> you need the infusion of money to do coding and parallel highway, if you will, of how we are doing it there. >> mr. chairman, may i just add this into the record? the president's budget duh not cut social security but it does. in the budget it cuts south -- social security disability by up to $60 billion. i think it needs to be corrected. >> thank you. >> you're welcome. >> i was confused by an earlier exchange. do we know how many documents within the va have the social
security number printed on it? >> we know what we know right now. it's an ongoing expanding effort. there is a social security number reduction tool. >> so we -- correct me if i'm wrong, there's a bunch of forms at -- that the va sends out, one of the data elements on that form is social security, why does it take years to go through each form and delete that data element or not show it on the underlying form? >> sir, i have to submit for the record the history of why it's taking so long. there are number of instances -- >> how many forms does your organization have that prints social security number on it? >> with the implementation of the medicare beneficiary identifier, we won't have any forms that will issue the social security number. over the past couple of years -- >> so you're saying 2019 is when
we are going to be successful in achieving that? we currently right now there's x number of forms that produce when they're printed out on that form it includes social security number, correct? >> no, sir, i'm sorry. i should have been clearer. our correspondence with medicare beneficiaries, we have social security number with the exception of one document which is medicare premium form that still does include the health insurance claim number. i am not -- i am sorry, i can't remember ifs truncated that will be the document replaced. >> great. how many forms does your organization produce that has the full social security number on it? >> currently 233 million notices or forms of correspondence each
year that still have the social security number. >> that many unique or five different kinds of correspondence. so we have a thousand documents and one of those is social security number. why can row -- you not just delete that? >> we have deleted the number and replaced it with beneficiary code. we have another 42 million that we are doing in fiscal year '18, the challenge that we have is twofold. one there's 60 separate systems that produce notices, 1,000-plus notices. beyond that, the other significant issue or challenge that we have is that the social security was -- social security number was created to do business with our agency and so when we mail out a notice to
someone and they are being told that they have an overpayment, they might pick up the phone and call us and they have to be able to quickly identify who they are and what their issues are. >> estonia has done this and move today -- moved to a system that's tokennized. they have achieved the ability to have this inner operable number across all of their government agencies. we've talked about token ization here. in your role, what do you need -- ultimate is the shared service and how do we implement a shared system at opm when it comes to an identifier across the federal government? >> that's one that we need to
work with the industry on and it's not the same thing as it is on the industry side of the house, i'm desperately trying to reach out for it. we are still tom academy by how you bring the technology in and fuse it into application systems, it's not our hardware systems, it's the application systems. >> in the last 30 minutes of my time, you referenced legacy it being a barrier, what do we need to do in order to prevent that from being a barrier? >> that's one of the problems of what legacy systems often they may not be able to handle newer numbers, in order to be able to do that it requires significant change and modification. i >> i yield back, chairman. >> thank you, sir. >> thank you, mr. chairman. and i thank the witnesses for your help with the committee's work.
back in 2015, opm disclosed that information technology systems had experienced a massive data breach compromises, names, addresses, background information, birth dates and the background investigation records for about 22 million people that had applied for sensitive positions with the fbi, cia, nsa and we had a hearing subsequent to that breach and i actually asked your predecessor, i asked her if she was even taking the most steps to protect social security numbers. are we each encrypting them within the system at opm and
very sad to hear her testify that, no, at that time in 2015 we were not encrypting and i urge them to do that. then a year later we had a follow-up hearing with ms. colbert, i think she had some operational responsibility there. i asked her to same question a year later if that job was complete. she testify that had, no, it was not complete and so we have full cycle. ms. colbert said that our system did not allow encryption of social security numbers. i just want you to tell me something good. tell me that we've encrypted the social security numbers. you know, it would be laughable if it wasn't so serious. i read an article last sunday in "the new york times" where much
of our sources in china are being killed off, either killed or imprison, u.s. sources, foreign intelligence sources and, you know, i have to think that, well, that hack was attributed to the chinese government. i know the hack came after many of these people were executed in china for cooperating with the united states government, shot as spies or imprisoned as spies, but you see specially with sensitive information like this with secured positions we are exposing our personnel, our intelligence officers and anyone who cooperates with them to grave mortal threat and we really have to step up our game here. so let me go back to my question. are we encrypting the social
security numbers? >> representative lynch. >> yes, we are. i have all the databases that contain the social security numbers and pi's to have encrypted with the exception of one database that resides in the mainframe that's not sitting behind other social security controls and detection systems and that is scheduled for completion which is a little bit more of a challenge because it's on the mainframe to be completed this calendar year. >> okay. so we had this hack about ten days ago, the ransom ware attack, it was not stealing our information but preventing people from utilizing that. most of the impact was overseas because much of that software was bootleg software that
microsoft windows, well, they bought it bootleg and the fixes. >> not available for people. do you feel that we have major vulnerability from that type of hack as far as our user population goes? >> sir, i would say, yes. with opm, there's no choice. the systems are patched. that's a call that the direct or sports and i -- supports and that's the cieght approach to take. >> thank you for your courtesy. i yield back the balance of my time. >> thank you, sir, mrs. sánchez.
>> identity theft affects 12 millions per year and cost the victims $350 on average. so on average. you hear cases of it taking people years and a lot more money to get it straightened out and i have been one of those people that unfortunately have been the victim of identity theft. social security numbers and other personal information like dates of birth, that information is very coveted by hackers and steal from breaches of office of health management, united states postal service and even retailers like target.
i want to issue the 2007 memo agencies to strength security information. these recent hacks show that opm and other agencies are still fundamentally very ill-prepared and many american sensitive information is still very vulnerable to attack and that's why, you know, refusing the collection and retention of social security numbers is so important. it's troubling to see that after ten years government accountability office reports show that only 2 of 24 agencies examine met requirements for complete plan to reduce unnecessary usage of social security numbers and even more trouble thalg the office of management and budget has provided very little guidance to agencies to help with the transition. further limiting capacity to
protect information and to improve their system. so whether it's a lack of funding or lack of guidance, ten years after the issuance of the memo, we should be in a better position to safeguarded america's personal information. and i know i recognize that there are clear barriers that agencies face in reducing the collection of social security numbers, for example, state mandates the collection of that information. i just wanted to note before i delve into questions that i think it's interesting that today we are discussing the progress. new requirement to collect and on the other hand, we are going to be mandating the collection of that information and i think it's both ironic and
hypocritical of us on this to be doing both things but aside from that comment, mr. devries uses employer identifier but the identifier wasn't available, what are the barriers to creating a new identifier for federal employees refer agencies to use in administration of benefits. >> representative sánchez, thank you for that question. the complexity or the barriers to overcome here is the size and complexity of the government as the witnesses here at the table represent a few of the agencies, every agency really has a collection that ties back to an individual and the benefit that is get tied to it, whether it be their pay, medicare, so forth. how do you then create that architecture and again going back to chairman, you had to
have the architecture in hand as you begin to talk about the token use or bit-chain type stuff. my colleague to my left talked about how they rolled out the whole medicare new number there. it's not done overnight. it's a process and based on the architecture there. >> and cuts in funding, how does that affect the ability to protect information effectively? >> so in every agency there's probably just enough dollars to make that go, what i'm going to try and to something else. i have to have the infusion to create something that goes along side what i'm currently operating and make something new and turn off something that i got rid of. >> would you say you're operating with the best very best equipment that money can buy? >> no, ma'am. >> would you say that the equipment that you have to work with on the scale of 1 to 10 in terms of modern and efficient, where would it lie on that
scale? >> ma'am, i would say from overall architecture and operating perspective i would say it would be about .3 or .4. >> further budget cuts not necessarily helpful to rectifying that? >> no. >> thank you, no more questions. >> thank you, ms. sánchez. the federal government needs to ensewer that it's doing all it can to protect americans' identities and social security numbers are unnecessary. >> we leave this as the senate comes in for preforma session. the chamber has been in recess all week for memorial day holiday. senators will rush on monday and consider a resolution commemorating the 50th anniversary of the reunification of jerusalem. after this we go live to arms at
>> senate returns on monday, reunification of jerusalem with votes scheduled at 5:30 p.m. eastern. live now to the arms control association's annual meeting. it will address arms control agreements, limited and reduced arsenals, the spread of nuclear weapons and testing by all but one state. [inaudible conversations]
>> all right, everybody, this is gerald kimel, i i want to give you a two-minute warning. we will get started very shortly so please find your seats, your coffee and put your best side forwards. we are happy to have our friends from c-span here, so we are going to get started in just a minute. thank you.