Supporting Statement for the SSA-3288
Privacy and Disclosure of Official Records and Information;
Availability of Information and Records to the Public;
20 CFR 401 and 402
OMB No. 0960-0566
A. Justification
Introduction/Authoring Laws and Regulations
The Privacy Act of 1974, 5 U.S.C. 552a, Sections (b), (d)(1)-(2), (e)(2), and (f)(3) of the United States Code, provides the authority for the Commissioner to obtain information needed to access records, designation of a representative to receive an individual's medical records, information needed to amend or correct records, and consent statements from persons requesting information about an individual in Social Security Administration (SSA) records. These rules are also set forth under 20 CFR 401.40(b)&(c), 401.45, 401.55(b), 401.65(a), and 401.100(a)&(b) of the Code of Federal Regulations. The Freedom of Information Act, 5 U.S.C. 552, Sections (a)(3)(A) and (a)(4)(A)(iii), provides the authority for collecting information needed for record requests and fee waiver or reductions. SSA implemented these provisions under 20 CFR 402.130 and 20 CFR 402.185.
Description of Collection
Under the Privacy and Disclosure of Official Records and Information, SSA has established methods in which the public can request the following: access to their SSA records; disclosure of SSA records; corrections/amendments to their SSA records; consent for release of records; records accessible through the Freedom of Information Act (FOIA); and waiver/reduction of fees normally charged for release of FOIA records. SSA most often collects the information required for these requests through a written letter, with the exception of the consent for release of records for which there is the Form SSA-3288. The respondents are individuals who request any of the following from SSA:
Access to Records – 20 CFR 401.40(b) & (c); 401.45 – SSA has developed a procedure for records notification and access that requires individuals to provide data sufficient to identify themselves and their record(s), and authorize any requested third party access to their records. The intent is to provide access and at the same time safeguard against access by unauthorized persons or to someone else's records.
Designating a Representative for Disclosure of Medical Records – 20 CFR 401.55(b) – SSA has developed a special procedure for obtaining sensitive medical records that requires an individual to name a representative, preferably a qualified health professional, to receive the medical records on behalf of the individual. The representative reviews the complete medical records and determines whether SSA should make all of the contents available to the individual, such as sensitive psychological records that might have an adverse effect on the individual or a doctor/patient relationship. The designated representative makes the disclosure decisions on medical records.
Amendment of Records – 20 CFR 401.65(a) – SSA has developed a procedure for individuals who seek to amend or correct their data maintained in SSA systems of records. We request the individual to submit sufficient specified information to SSA to identify the individual, the data they wish to amend or correct, and to evaluate their request.
Consent for Release of Records – 20 CFR 401.100(a)&(b) – The required consent(s) are obtained (with certain exceptions specified by law) from anyone requesting information in SSA systems of records about another individual. Consents may be obtained on Form SSA-3288, "Consent for Release of Information" (attached for clearance), or on other non-SSA forms often used by large employers incorporating SSA approved consent language. SSA will not release information requested about an individual until we obtain the required consent from that individual. Under the Privacy Act (5 U.S.C. 552a (b)), an individual may give SSA written consent to disclose his or her personal information to a third party of his or her choosing. In addition, an individual may have multiple needs for the disclosure of his or her personal information, such as for qualification for a mortgage or pre-employment screenings.
FOIA Request for Records – 20 CFR 402.130 – SSA has developed a procedure for FOIA record requests which collects data needed to identify the requester, the record requested and an address where SSA should send the record. We only obtain the minimum amount of information needed to process the request.
Waiver/Reduction of Fees – 20 CFR 402.185 – SSA has developed a procedure for individuals who seek waiver or reduction of the fees normally charged for information sought from SSA records under the Freedom of Information Act. We collect data sufficient to determine if waiver or fee reduction is in the public interest as defined by law.
Use of Information Technology to Collect the Information
Currently, SSA has procedures by which the public can access and make corrections to their records online through the Request for Internet Services – Authentication (RISA) (0960-0596), items a and c above. However, this collection is used for other purposes, and, therefore, SSA has cleared it separately. Also, SSA has cleared an entirely electronic procedure by which the public can make FOIA requests and can request a waiver/reduction of fees for said requests through our eFOIA system (0960-0716), items e and f above.
The SSA-3288 is available to the public on the Internet in a PDF format which individuals can download, print out, fill in and send to SSA for processing. However, since the SSA-3288, Consent for Release of Information form, and any request to designate a representative for disclosure of medical records (items b and d above) fall under the Privacy Act laws, these actions currently require a wet signature under the law. For this reason, SSA did not create an electronic version of form SSA-3288 under the Agency’s Government Paperwork Elimination Act.
Why We Cannot Use Duplicate Information
The nature of the information we are collecting and the manner in which we are collecting it preclude duplication. SSA does, however, use a similar electronic-only collection instrument (eFOIA, 0960-0716)).
Minimizing Burden on Small Respondents
This collection does affect small businesses or other small entities. However, if we did not impose this burden, we would be unable to compensate the employers and third-party representative organizations that will be completing the form. We minimized the burden by carefully reviewing the forma and ensuring that we only ask small businesses and entities to complete relevant and necessary questions.
Consequence of Not Collecting Information or Collecting it Less Frequently
If SSA did not collect this information, we would be unable to process any of these requests for the reasons stated here:
Access to Records – 20 CFR 401.40(b) & (c); 401.45 – SSA cannot provide access to records under the Privacy Act without obtaining sufficient data to ensure that we have correctly identified the correct individual and the correct records. The Privacy Act contains strict penalties for individuals who obtain records of others without proper authorization and for officials who improperly disclose such records.
Disclosure of Medical Records to Designated Representative – 20 CFR 401.55(b) – Release of sensitive medical information in certain situations can adversely affect the individual or a doctor/patient relationship. In order to avoid this, the procedure for utilizing a designated representative is in keeping with the intention of section 3(f) (3) of the Privacy Act.
Amendment of Records – 20 CFR 401.65(a) – SSA cannot amend or correct its records as required by law without obtaining adequate data to correctly identify the individual and evaluate the request.
Consent for Release of Records – 20 CFR 401.100(a)&(b) – Release of data without consent in situations in which consent is required by law is a felony under the Privacy Act.
FOIA Request for Records – 20 CFR 402.130 – SSA cannot process FOIA record requests as required by law unless we collect data sufficient to identify the requester, the record requested, and an address to which the requested record is to be sent.
Waiver/Reduction of Fees – 20 CFR 402.185 – SSA cannot grant waiver or reduction of required fees without obtaining data sufficient to evaluate the request.
Also, because SSA collects this information on an as needed basis, we cannot collect it less frequently. There are no technical or legal obstacles to burden reduction.
Special Circumstances
There are no special circumstances that would cause SSA to conduct this information collection in a manner inconsistent with 5 CFR 1320.5.
Solicitation of Public Comment and Other Consultations with the Public
The 60-day advance Federal Register Notice published on September 2, 2009 at 74 FR 45508, and SSA received no public comments. The second Notice published on December 8, 2009, at 74 FR 64801, and SSA had no outside consultations with members of the public.
Payment or Gifts to Respondents
SSA does not provide payments or gift to the respondents.
Assurances of Confidentiality
SSA protects and holds confidential the information it collects in accordance with 42 U.S.C. 1306, 20 CFR 401 and 402, 5 U.S.C. 552 (Freedom of Information Act), 5 U.S.C. 552a (Privacy Act of 1974) and OMB Circular No. A-130.
Justification for Sensitive Questions
The information collection does not contain any questions of a sensitive nature.
Estimates of Public Reporting Burden
Approximately 3,028,500 respondents request this information per year. The time burden per response varies for each type of information as listed below:
Type of Request |
Number of Respondents |
Frequency of Response |
Average Burden Per Response (minutes) |
Estimated Annual Burden (hours) |
(a) Access to Records – 20 CFR 401.40(b) & (c); 401.45 |
10,000 |
1 |
11 |
1,833 |
(b) Designating a Representative for Disclosure of Records – 20 CFR 401.55(b) |
3,000 |
1 |
2 |
6,000 |
(c) Amendment of Records – 20 CFR 401.65(a) |
100 |
1 |
10 |
17 |
(d) Consent of Release of Records – 20 CFR 401.100(a)&(b) |
3,000,000 |
1 |
3 |
150,000 |
(e) FOIA Requests for Records – 20 CFR 402.130 |
15,000 |
1 |
5 |
1,250 |
(f) Waiver/Reduction of Fees – 20 CFR 402.185 |
400 |
1 |
5 |
33 |
Totals |
3,028,500 |
|
|
159,133 |
Access to Records – 20 CFR 401.40(b) & (c); 401.45 – There is no formal record of the number of requests to access records protected by the Privacy Act. SSA receives an estimated 40,000 annual requests to access earnings information on form SSA-7050 (0960-0525). We estimate that there are an additional 10,000 requests by letter for earnings information and other kinds of information. The estimated time for completion of the forms used to obtain earnings information using the SSA-7050 is 11 minutes. We have no reason to believe that it would take more time or less time to provide the data needed to process requests made by letter. Therefore, the estimated annual burden is (11 x 10,000 \ 60) 1,833 burden hours.
Designating a Representative for Disclosure of Records – 20 CFR 401.55(b) – There is no formal record of the number of designated representatives collected annually. SSA derived an estimate of 3,000 from estimates obtained from a sample of field and central office personnel who are involved with processing requests for medical records. The estimated burden for the data collection is 2 hours. This includes the approximate time required for the individual to provide the name of the person they want to act as a designated representative to SSA and the time spent by the representative reviewing the file and disclosing the information to the individual. The estimated annual burden is 6,000 (2 x 3,000) total hours.
Amendment of Records – 20 CFR 401.65(a) – There is no formal record of the number of formal requests to amend or correct records. Personnel who handle the requests estimate that we forward about 10 percent to the SSA Privacy Officer for formal disallowance. Routine record corrections (e.g., employer corrections of earnings reports) are not included. The Privacy Officer disallows about 10 formal requests a year. Estimated annual requests: 100. The estimated time for formal Privacy Act requests for record amendment or correction is 10 minutes. This is the approximate time required for an individual to write a letter to SSA formally requesting amendment or correction of records that contains the minimal amount of information SSA needs to evaluate the request. The estimated annual burden is (10 X 100 / 60) 17 hours.
Consent for Release of Records – 20 CFR 401.100(a)&(b) – There is no formal accounting of consents. We based the estimate of 200,000 on consultation with several SSA sources that deal with the consent process, as well as data on annual retirements and data on disclosures from SSA systems. In addition to the 200,000 normally processed in a year, there will be an estimated 2,800,000 consent forms completed. Under the Privacy Act (5 U.S.C. 552a (b)), an individual may give SSA written consent to disclose his or her personal information to a third party of his or her choosing. In addition, an individual may have multiple needs for the disclosure of his or her personal information. The estimated average time for consent collection is 2 to 3 minutes. This includes a low time of a few seconds to read and digest a simple consent statement incorporated into a retirement application, to up to 3 minutes for the more complex consent form SSA-3288 that incorporates additional identification data and/or data about the specific information in SSA files the requester is seeking. SSA used 3 minutes to compute the estimated annual burden of (3 X 3,000,000 / 60) 150,000 hours.
FOIA Requests for Records – 20 CFR 402.130 – SSA FOIA staff processes approximately 15,000 FOIA record requests annually. The estimated time to write a letter containing a FOIA record request is 5 minutes. This should fall within a range of 3 minutes for a simple request to 5 minutes for a longer request. SSA used 5 minutes to compute the burden of (5 X 15,000 / 60) 1,250 total hours.
Waiver/Reduction of Fees – 20 CFR 402.185 – SSA FOIA staff processes approximately 400 FOIA fee waiver/reduction requests annually. The estimated time to write a request for waiver or fee reduction is approximately 5 minutes for an estimated annual burden of (5 x 400 / 60) 33 hours.
Therefore, the total annual burden for each type of collection is 159,133 hours. The total burden reflects as burden hours, and SSA calculated no separate cost burden.
Annual Cost to the Respondents (Other)
This collection does not impose a known cost burden to the respondents.
Annual Cost To Federal Government
SSA based the cost to the Federal Government of $1,120,000 on established net costs (gross costs fewer fees collected) of $140,000 for earnings record requests, $780,000 for FOIA processing, and an additional estimated 10,000 hours at an average of $20 per hour ($200,000) for all other collections.
Program Changes or Adjustments to the Information Collection Request
There are no changes to the public reporting burden.
Plans for Publication Information Collection Results
SSA will not publish the results of the information collection.
Displaying the OMB Approval Expiration Date
For the paper form SSA-3288, we will not publish the OMB approval expiration date. OMB granted SSA an exemption from the requirement to print the OMB expiration date on its program forms. SSA produces millions of public-use forms with life cycles exceeding those of an OMB approval. Since SSA does not periodically revise and reprint its public-use forms (e.g., on an annual basis), OMB granted this exemption so SSA would not have to destroy stocks of otherwise useable forms with expired OMB approval dates, avoiding Government waste.
Exceptions to Certification Statement
SSA is not requesting an exception to the certification requirements at 5 CFR 1320.9 and related provisions at 5 CFR 1320.8(b)(3).
B. Collection of Information Employing Statistical Methods
SSA does not use statistical methods for this information collection.
| File Type | application/msword |
| File Title | Supporting Statement for Privacy and Disclosure of Official Records |
| Author | 040406 |
| Last Modified By | 177717 |
| File Modified | 2009-12-10 |
| File Created | 2009-12-10 |