Crapo Requests Information on Social Security Data Protections

Washington, D.C.—Following recent allegations of data mishandling within the Social Security Administration (SSA), U.S. Senate Finance Committee Chairman Mike Crapo (R-Idaho) requested information from the agency to better understand the SSA’s data storage and security practices, and to immediately confirm whether sensitive personally identifiable information was accessed, leaked, hacked or disseminated in any unauthorized fashion.

"All credible whistleblower allegations must be taken seriously and claims should be thoroughly investigated if warranted,” said Crapo. “It is critical that federal agencies work to implement the strongest protections for Americans’ most sensitive personal information and ensure any data mismanagement is addressed through congressional oversight.”

In the letter to SSA Commissioner Frank Bisignano, Crapo requests information on:

• What actions SSA took upon receipt of the whistleblower’s concerns about the agency’s data security practices;

• What security measures are in place to ensure sensitive information is handled in accordance with applicable laws and regulations;

• When SSA first stored personally identifiable information in a cloud environment; and

• How the SSA assesses the risk of providing certain agency employees with the ability to transfer data from the Numident database to a private cloud environment, and if the process diverged from the agency’s usual risk assessment process.

Read the full letter here.

Read SSA Commissioner Bisignano’s response here.

• Print
• Email
• Tweet