Download: doc | pdf

OMB No. 0960-0760

______________________________________________________________________________

RACBSVXXFXXX

User Agreement

Between the Social Security Administration (SSA)

And

[Requesting Party]

(Requesting Party)

for Consent Based Social Security Number

Verification (CBSV)

______________________________________________________________________________

Table of Contents

1. Purpose and Definitions

1. Purpose

The purpose of this User Agreement is to establish the conditions, terms, and safeguards under which the Social Security Administration (SSA or Agency) will provide the Requesting Party verification of Social Security Numbers (SSN).

2. Definitions

Authorized User – Employee of the Requesting Party who has been authorized by the Requesting Party to submit SSN verification requests and has successfully registered to use the CBSV system.

Client – SSN holder who authorizes the Requesting Party to verify his/her SSN through SSA by completing the Consent Form. Under SSA disclosure regulations, the parent or legal guardian of a minor or legal guardian of a legally incompetent adult may also authorize disclosure for the subject of the record if he/she is acting on the individual’s behalf and provides proof of the relationship.

Consent Form – Form SSA-89 (Authorization for SSA to Release SSN Verification – Attachment B).

OCO – SSA’s Office of Central Operations.

OF – SSA’s Office of Finance.

Principal – Business organization or institution that is the original requesting source for the SSN verification by a contractual relationship with the Requesting Party. The Principal may or may not be the Requesting Party but is the end-user entity to whom the SSN verification will ultimately be disclosed.

Requesting Party – Party signing this User Agreement with SSA, including any and all of its employees, officers, directors, agents, servants, subsidiaries, personal and legal representatives, affiliates, successors, assigns, and contractors.

Responsible Company Official – the officer or employee of the Requesting Party with authority to make legally binding commitments on behalf of the Requesting Party.

2. Legal Authority

Legal authority for providing SSN verifications to the Requesting Party with written consent of the SSN holder is found in the Freedom of Information Act, the Privacy Act at 5 U.S.C. § 552a(b), section 1106 of the Social Security Act, codified at 42 U.S.C. § 1306, and SSA regulation at 20 C.F.R. § 401.100.

3. SSN Verification and Use

SSA will verify SSNs solely for the purposes specified on the individual Consent Forms associated with the verification requests. The Requesting Party must use the verified SSN only for the purpose(s) specified by the Client. Exceeding the scope of the consent as specified in the signed Consent Form violates state or Federal law and subjects the Requesting Party to civil and criminal liability. SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a Principal pursuant to the terms of the Client’s Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees in writing to use the verification only for the purpose stated in the Consent Form, and make no further use or re-disclosure of the verified SSN.

The information obtained from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses will be guilty of a misdemeanor and fined not more than $5,000.

SSA’s verification of an SSN does not provide proof or confirmation of identity. CBSV is designed to provide you with only a “yes” or “no” verification of whether the SSN verified with SSA’s records. If our records show that the SSN holder is deceased, CBSV returns a death indicator. CBSV verifications do not verify an individual's identity. CBSV does not verify employment eligibility, nor does it interface with the Department of Homeland Security’s (DHS) verification system, and it will not satisfy DHS’s I-9 requirements.

4. Responsibilities

1. Requesting Party Responsibilities

1. Requesting Party must designate a Responsible Company Official to sign the Attestation Statement (Attachment B) indicating understanding of the Privacy Act restrictions relating to the use of this service on behalf of the Requesting Party.

The signed and dated Attestation Statement must be submitted to SSA with the signed User Agreement.

If the Responsible Company Official signing the original Attestation Statement leaves the company or no longer has authority to make legally binding commitments on behalf of the company, Requesting Party must designate a new Responsible Company Official to submit a new signed Attestation Statement prior to the submission of any new SSN verification requests.

2. Requesting Party will provide SSA with an electronic file through the CBSV website on Business Services Online (BSO) either (1) in batch mode format for response in two to three business days, or (2) as a single request for real-time response. Alternately, the Requesting Party may submit their request through a web service platform that conforms to SSA’s data configuration for a real-time response. All requests must specify the name, date of birth, and SSN of each Client whose SSN the Requesting Party seeks to verify.

3. If the Requesting Party elects to have its employees access CBSV by using SSA BSO either (1) in batch mode format, or (2) as a single request for real-time response option, the Requesting Party must complete the Form SSA-88 with requested information for each Authorized User. The Requesting Party may use one Form SSA-88 to provide information for multiple Authorized Users. The Requesting Party must ensure that the Form SSA-88 provides the total number of the Requesting Party’s Authorized Users.

4. Requesting Party will notify SSA if there is any change to employment status (including, but not limited to, long-term absence, termination of employment, or change of duties related to CBSV) for any Authorized User or if Requesting Party revokes any Authorized User’s authorization to use CBSV.

5. SSA may change its method of receiving verification requests and providing verification results to the Requesting Party at any time. If SSA decides to change its method of receiving SSN verification requests or providing verification results, the Responsible Party will bear its own costs incurred to accommodate such changes.

6. Requesting Party must submit an annual audit by Certified Public Accountants (CPAs) who will report their findings to SSA. Requesting Party will provide to SSA the name, address, telephone number, and professional affiliation of the CPA selected to perform required audits not more than 30 days after this User Agreement is signed, and not more than 30 days after any new CPA is substituted for the previous CPA.

7. Requesting Party must pay the one-time enrollment fee and full, advance payment of transaction fees for the current fiscal year prior to making any request for verification under this User Agreement. Requesting Party will pay in full any remaining balance for verifications from previous fiscal year obligations before it uses CBSV for the following fiscal year.

8. Requesting Party will ensure that its Responsible Company Official carry out the following actions and responsibilities:

1. At the completion of the registration process, SSA will issue a unique access code to the Responsible Company Official. The Responsible Company Official will provide the access code to each Authorized User only after authenticating that Authorized User’s relationship to the Requesting Party and as authorization for that Authorized User to submit verification requests to CBSV.

2. Responsible Company Official must provide his and other Authorized Users’ information on Form SSA-88 if the Requesting Party elects to use the its web service platform client application to access CBSV. Responsible Company Official will be the representative Authorized User for the Requesting Party when using the web service platform client application.

3. Responsible Company Official, jointly and on behalf of the Requesting Party will be responsible for all access requests made through the Requesting Party’s web service platform client application and for complying with the requirement to maintain an audit trail to track all CBSV activities of each Authorized User.

9. Requesting Party will ensure that any Principal to whom Requesting Party discloses SSA-verified information acknowledges and agrees to comply with all of the requirements, as applicable, under this User Agreement.

10. Requesting Party acknowledges the following

1. Section 1140 of the Social Security Act authorizes SSA to impose civil monetary penalties on any person who uses the words “Social Security” or other program-related words, acronyms, emblems and symbols in connection with an advertisement, solicitation or other communication, “in a manner which such person knows or should know would convey, or in a manner which reasonably could be interpreted or construed as conveying, the false impression that such item is approved, endorsed, or authorized by the Social Security Administration . . . .” 42 U.S.C. § 1320b-10(a);

2. Requesting Party, or any of its Principals, is specifically prohibited from using the words “Social Security” or other CBSV program-related words, acronyms, emblems and symbols in connection with an advertisement for “identity verification.”

3. Requesting Party, or any of its Principals, is specifically prohibited from advertising that SSN verification provides or serves as identity verification;

4. SSA has the right of access to all books and records of the Requesting Party, or any of its Principals, associated with the CBSV program at any time.

2. SSA Responsibilities

1. SSA will compare the information provided in the Requesting Party’s verification request with the information in SSA’s Master File of SSN Holders and SSN Applications System of Records and provide verification results in appropriate format and method based on the submission format and method.

2. If the Requesting Party submits batch files through the BSO website, SSA will provide submission confirmation by a posting on the CBSV portion of the BSO website. The Requesting Party will also be able to download the verification results file from the website. Results for requests submitted via batch mode upload will generally be available within three business days. However, SSA cannot guarantee a specified time frame, as the Agency mission-related work will have priority over any verification requests. SSA’s posting of verification results may be delayed for Agency mission work or for system maintenance.

3. If the Requesting Party submits requests using the web service, SSA will provide real-time responses, barring any delays for system maintenance.

4. SSA will review CBSV submissions and results, conduct audits, generate reports, and conduct site visits as needed to ensure proper use to deter fraud and misuse. SSA, in its sole discretion, will determine the need for audits, reports, or site visits upon its review of the Requesting Party’s submissions, results, or CPA reports

5. SSA will send out notices or reminders to the Requesting Party requesting payment in an annual or quarterly amount.

5. Consent

A standardized Consent Form, Form SSA-89 (Authorization for SSA to Release SSN Verification), is included as Attachment B to this User Agreement.

SSA will provide SSN verification information only about individuals from whom the Requesting Party has obtained a signed Consent Form. The Requesting Party must obtain a signed Consent Form from each person for whom SSN verification is requested. If the request is for a minor child (under age 18), a parent or a legal guardian must sign the consent form. If the request is for a legally incompetent adult, a legal guardian must sign the consent. If the parent or legal guardian signs the Consent Form, the Requesting Party must retain proof of the relationship, e.g., a copy of the birth certificate or court documentation proving the relationship.

The Consent Form must be completed and signed, including the date of birth of the SSN holder. Neither the Requesting Party nor any Principal may make alterations to the Consent Form, unless it is made by the SSN holder to change the period during which the consent will be valid. The SSN holder must annotate and initial this change in the space provided on the Consent Form. The Requesting Party cannot request the SSN verification from SSA before receiving physical possession of a signed Consent Form from its Client. SSA must receive the request for SSN verification within the time period specified in the Consent Form, either 90 days from the date the Client signs the Consent Form, or by an alternate date established on the Consent Form.

The Requesting Party must retain the signed Consent Forms for a period of seven (7) years from the date of the verification request, either electronically or on paper. The Requesting Party must protect the confidentiality of completed Consent Forms and the information therein, as well as the associated record of SSN verification. The Requesting Party must also protect the Consent Forms from loss or destruction by taking the measures below.

1. Requesting Party Retains Consent Forms in Paper Format

If the Requesting Party chooses to retain the Consent Forms in paper format, the Requesting Party must store the Consent Forms in a locked, fireproof storage receptacle. Access to this receptacle must be restricted to the Authorized Users.

2. Requesting Party Retains Consent Forms Electronically

If the Requesting Party chooses to retain the Consent Forms electronically or store them on removable electronic media (such as CDs), the Requesting Party must: (1) password protect any electronic files used for storage; (2) restrict access to the files to Authorized Users; and (3) put in place and follow adequate disaster recovery procedures.

When using either of the electronic storage means, the Requesting Party must destroy the original paper Consent Forms.

SSA may make onsite inspections of the requester’s site, including a systems review, to ensure that the Requesting Party has taken the above required precautions to protect the Consent Forms and the information contained therein and to assess overall system security.

Each request submitted to SSA must contain a data field indicating that the Requesting Party has received a valid signed and dated Consent Form for that request in accordance with all requirements under this User Agreement. In addition, each Authorized User, as part of the registration as an Authorized User, must certify to [______] that: (i) he or she will submit requests to SSA only when he or she has information, knowledge, or a reasonable belief that the requests are supported by the requisite Consent Forms, and (ii) any request submitted to SSA without the requisite consent form is subject to legal penalties.

6. Technical Specifications and Systems Security and Related Business Process Requirements

The Requesting Party will not have direct access to SSA’s databases. The verification requests must be encrypted using either the Advanced Encryption Standard (AES) or triple DES (DES3) encryption methods to secure the data in transport to SSA. SSA will use the same method of encryption when returning data to the Requesting Party. To accomplish the transmission of data, the parties will use TLS protocol (TLS 1.0) as specified in NIST Special Publication 800-52. http://csrc.nist.gov/publications/nistbul/July-2005.pdf.

The Requesting Party must obtain, at its own expense, the hardware, software, or other equipment that may be necessary to establish connection to CBSV either through the BSO website or the web service. The Requesting Party must obtain, at its own expense, Internet service in order to access the CBSV portion of the BSO website. The Requesting Party must provide SSA with a valid e-mail address for communications via e-mail. 

 

The Requesting Party may use more than one method of CBSV services (online, web service and batch) at the same time. If the Requesting Party chooses to use both online and web service, it must assign two different Authorized Users, due to the unique registration needs of CBSV Web Service. The Requesting Party is only responsible for the one-time enrollment fee ($5000) and one combined advance payment for transactions, regardless of the number of methods of services it uses.

The Requesting Party must bear all costs it incurs for site preparation, connection, operating costs, and any other miscellaneous costs to participate in CBSV.

SSA will provide the Requesting Party with a copy of SSA’s User Guide, which SSA may amend from time to time at its discretion. The detailed requirements and procedures for submitting files, checking status, and retrieving results through CBSV are set forth in the User’s Guide.

If the Requesting Party accesses CBSV through the web service platform client application, the Requesting Party must maintain an automated audit trail record identifying either the individual Authorized User or the system process that initiated a request for information from SSA. Every request for information must be traceable to the individual Authorized User or the system process that initiated the transaction. At a minimum, individual audit trail records must contain the data needed to associate each request to its initiator and the relevant business purpose (e.g., the outside entity’s client record for which SSA data was requested), and each request must be time and date stamped. Each request must be stored in the audit file as a separate record, not overlaid by subsequent requests.

If the Requesting Party retains in its system any verification results from SSA, or if certain data elements within the Requesting Party’s system indicate that the information has been verified by SSA, the Requesting Party must ensure that its system also captures an audit trail record, with the same requirements as for the web service platform client application, of any user who views the SSA-verified information stored within the Requesting Party’s system.

7. Referral of Individuals to SSA

If SSA returns a “no-match” result (see SSA’s User Guide) to the Requesting Party, the Requesting Party must take the following actions before making any referrals to SSA Field Offices for action:

1. The Requesting Party will determine whether the data submitted to SSA matches the data contained in the Requesting Party’s records. If it does not match the Requesting Party will re-submit the corrected data to SSA for verification. The Requesting Party will bear the cost for the re‑submission.

2. If the data in the Requesting Party’s records matches the data submitted to SSA, the Requesting Party will contact the Client to verify the original data provided. If the Client corrects the original data by completing and signing a new Consent Form with the corrected information, the Requesting Party should submit the corrected data to SSA for verification. The Requesting Party will bear the cost for the resubmission.

3. If the Requesting Party cannot resolve the data discrepancy, the Requesting Party will refer the individual to a SSA Field Office to determine the nature of the problem.

8. Costs of Service

The Requesting Party must provide SSA with advance payment for the full annual cost of all services rendered under this User Agreement.

Upon signing this Agreement, the Requesting Party must deposit with SSA, either by company check or company credit card, a one–time, nonrefundable registration fee of five thousand dollars ($5,000), which will be applied to SSA’s total CBSV operating costs to reduce the actual transaction fees charged to all users. This fee allows the Requesting Party to access all three CBSV service methods.

Payment for transaction fees will be submitted with a completed and signed Form SSA-1235 (Agreement Covering Reimbursable Services—Attachment D). Upon notification by SSA of the per transaction fee, the Requesting Party must submit the total record processing fees for the estimated number of requests the Requesting Party expects to submit for the entire Federal fiscal year (from October 1 of applicable year to September 30 of the following year) via Form SSA-1235. SSA will credit the account of the Requesting Party and “draw down” from the advanced payment as services are rendered. Services will be provided only if sufficient amount of advance payment remains in the Requesting Party’s account to cover the requested services. No interest shall accrue to the advance payment. If any file submitted does not conform to the requirements of the User Agreement or the User Guide, the Requesting Party must still pay for the full cost of processing that file.

Prior to the start of each new fiscal year, the Requesting Party must submit a new, signed Form SSA-1235, accompanied by the full payment of fees for estimated requests for that fiscal year. In cases when estimated costs have changed, the requesting party will remain in active status as long as their account balance is positive.

Periodically, but no less frequently than annually, SSA will recalculate its costs related to providing the CBSV services and will adjust the transaction fees accordingly. If the recalculation of costs results in increased fees, the Requesting Party may need to sign an amended Form SSA-1235 and submit additional advance payments.

9. Duration of Agreement, Suspension of Services, and Annual Renewal

1. Duration and Termination of Agreement

This User Agreement is effective upon signature of both parties, including a signed Form SSA-1235 and payment in full of all fees due and owing under such Form SSA-1235, and shall remain in effect until terminated or cancelled as follows:

1. The Requesting Party may terminate this User Agreement by giving 30-days advance written notice to SSA of its decision to cancel the User Agreement. If the Requesting Party wishes to cancel their participation in CBSV, it must send a written notice to the SSA Contact stating its intent to cancel. This User Agreement will be terminated effective 30 days after SSA receives such notice or at a later date specified in the notice;

2. SSA and the Requesting Party may mutually agree in writing to cancel the User Agreement, in which case the termination will be effective on the date specified in such termination agreement;

3. SSA may terminate this User Agreement upon determination, in its sole discretion, that the Requesting Party has failed to comply with its responsibilities under this User Agreement, including without limitation its obligation to make advance payment, requirement to use the Consent Form without modification and in accordance with this User Agreement, and its responsibilities under section X Compliance Reviews and has not cured its non-compliance within 30 days of SSA’s notice of such non-compliance;

4. The User Agreement or the CBSV service is prohibited by applicable law or regulation, in which case this User Agreement will be null and void as of the effective date specified in such law or regulation; or

5. SSA may terminate this User Agreement as a result of its decision, in its sole discretion, to cancel the CBSV services. In case of such cancellation of CBSV services, SSA will provide all participants in the CBSV program with written notice of SSA’s decision. The termination of this User Agreement pursuant to cancellation of the CBSV services will be effective five days from the date of such notice to the Requesting Party.

The Requesting Party specifically waives any right to judicial review of SSA’s decision to cancel the provision of CBSV services or terminate this User Agreement.

After the close of the fiscal year in which this User Agreement is terminated, SSA will refund to the Requesting Party any remaining advance payments of transaction fees. If the User Agreement is terminated early in the fiscal year, SSA reserves the right to refund the balance of advance payments prior to the close of fiscal year. Notwithstanding the foregoing, the one-time enrollment fee is not refundable upon termination of this User Agreement for any reason.

2. Suspension of Services

Notwithstanding any other provision of this Agreement, SSA may unilaterally suspend access of the Requesting Party’s access to CBSV services at the Agency’s sole discretion. Suspension will be effective immediately upon SSA’s notice, specifying the reason for the suspension, sent via e-mail to the Requesting Party’s Responsible Company Official, and will remain in effect until SSA’s further determination.

If the Requesting Party disputes SSA’s decision to suspend its access, the Requesting Party may elect to send a letter to SSA setting forth its reasons for contesting SSA’s action. Such letters may be sent via e-mail and must be received by SSA within five calendar days from the date the SSA transmitted the notice of suspension to the Responsible Company Official.

After reviewing the Requesting Party’s letter contesting the suspension, SSA may make the final determination to: 1) lift the suspension; 2) continue the suspension; or 3) terminate this User Agreement. SSA will provide the Requesting Party with written notice of its final decision.

The Requesting Party specifically waives any right to judicial review of SSA’s decision to suspend or terminate this Agreement.

3. Annual Renewal

This User Agreement does not authorize SSA to incur obligations through the performance of the services described herein. Performance of such services is authorized only by execution of Form SSA-1235 (Agreement Covering Reimbursable Services – Attachment D). Moreover, SSA may incur obligations by performing services under this User Agreement only on a fiscal year basis. Accordingly, attached to, and made a part of, this User Agreement, is a Form SSA-1235 that provides the authorization for SSA to perform services under this Agreement in fiscal year XXXX.

Because SSA’s performance under this User Agreement could span multiple fiscal years, SSA and the Requesting Party will prepare a new Form SSA-1235 at the beginning of each succeeding fiscal year during which SSA will incur obligations through the performance of the services described in this User Agreement. The parties will sign the Form SSA-1235 for the applicable fiscal year on or before the beginning of the Federal fiscal year (October 1^st). SSA’s ability to perform work for fiscal years beyond the current fiscal year is subject to the availability of funds.

If the Requesting Party has excess funding at the end of the fiscal year, SSA will refund the excess amount in October of the new FY. The refund of remaining funds from a previous fiscal year is a separate transaction; it does not automatically carryover to the following fiscal year.

Under the Debt Collection Improvement Act of 1996 and the Federal Acquisition Regulation (FAR), the Requesting Party must register in the Central Contractor Registration (CCR) and enroll in direct deposit to receive payments from the Federal government.

The Requesting Party can register in CCR and request a Data Universal Number System (DUNS) number by visiting www.bpn.gov/ccr/default.aspx on the Internet. SSA will make payments based on your banking information as registered in CCR. When completing the Form SSA-1235, the Requesting Party must include its DUNS number.

10. Compliance Reviews

1. Subject to Review

The Requesting Party and any of its Principals are subject to a mandatory compliance review.

2. Mandatory Compliance Review by Independent CPA

The Requesting Party must, at its own expense, retain the services of an independent, private-sector CPA to review its compliance with the terms and conditions of this User Agreement. The CPA shall have no professional or personal affiliation with the Requesting Party, including previous employment with the Requesting Party, except in its capacity as an independent CPA previously retained to perform the Requesting Party’s annual financial audit.

SSA will determine the frequency of the Requesting Party’s compliance review, which must be no less frequently than annually, with additional reviews as determined appropriate. The actual date of the compliance reviews will be determined by SSA in consultation with the reviewing CPA.

3. Initiating the Compliance Review

1. SSA will send a notice to the Requesting Party to request the name of the retained CPA firm and its designated contact. The Requesting Party must provide this information to SSA within seven (7) days. If the Requesting Party does not meet the deadline for providing the requirement, SSA may suspend without further notice Requesting Party’s access to CBSV service.
   
   

2. SSA will send a letter to the CPA requesting documentation of the CPA certification within the state in which he or she is licensed. The CPA must provide the documentation within 30 days. If the CPA is licensed in a different state from the Requesting Party, the CPA must show reciprocity to practice in the state in which the Requesting Party is located.

3. SSA will send a form Attestation Letter to the CPA and provide additional information (e.g., the review period, the number of transactions for the review period and the sample size). SSA will request that the CPA sign the Attestation Letter and return it to SSA within [__] days. SSA will provide the sample size based on the number of transactions.
   
   

4. Requesting Party’s Cooperation with the Compliance Review

The Requesting Party is responsible for retaining the services of a CPA for CBSV review purposes. SSA reserves the right to determine the standard by which the Requesting Party can select a CPA, if and when it determines that the CPA selected by the Requesting Party has failed to provide adequate compliance review.

The Requesting Party will:

1. Contract for, and bear the cost of, the required compliance reviews;

2. Provide to the reviewing CPA a copy of this User Agreement and all applicable attachments in their entirety; and

3. Inform all of its Principals of the requirement to produce supporting documentation upon CPA’s request for purposes of compliance reviews.

5. CPA

In performance of the compliance review under this User Agreement, the CPA must use the review criteria specified in Attachment E, CBSV Compliance Review (Audit)—Criteria.

In addition the Responsible Party must ensure that the CPA:

1. Follows standards established by the American Institute of Certified Public Accountants.

2. Provides a report containing the results of the compliance review to the designated SSA contact within 30 days after completing the compliance review.

3. Provides the Requesting Party with a copy of the report 30 days after the report is provided to SSA, unless SSA informs the CPA otherwise.

6. SSA

If the results of the CPA’s review indicate that the Requesting Party has not complied with any term or condition of this User Agreement, SSA may:

1. Perform its own onsite inspection, audit, compliance review,

2. Refer the report to its Office of the Inspector General for appropriate action, including referral to the Department of Justice for criminal prosecution;

3. Terminate this User Agreement and suspend CBSV services; and/or

4. Take any other action SSA deems appropriate.

11. Amendments to User Agreement

1. Mutual Amendments

Parties may amend this User Agreement at any time by mutual agreement in writing.

2. Unilateral Amendments

SSA reserves the unilateral right to amend this User Agreement at any time to implement the following:

1. Minor administrative changes, such as changes to SSA contact information; or

2. Procedural changes, such as method of transmitting requests and results and limits on number of verification requests

SSA will notify the Requesting Party any unilateral amendments under this section. If the Requesting Party does not wish to be bound by any such unilateral amendment, the Requesting Party may terminate this Agreement with 30 days’ notice.

12. Indemnification

Notwithstanding any other provision of this User Agreement, the Requesting Party will indemnify and hold SSA harmless from all claims, actions, causes of action, suits, debts, dues, controversies, restitutions, damages, losses, costs, fees, judgments, and any other liabilities caused by, arising out of, associated with, or resulting directly or indirectly from, any acts or omissions of the Requesting Party, including but not limited to the disclosure or use of information by the Requesting Party or its Principal, or any errors in information provided to the Requesting Party under this User Agreement. SSA is not responsible for any financial or other loss incurred by the Requesting Party, whether directly or indirectly, through the use of any data provided pursuant to this User Agreement. SSA is not responsible for reimbursing the Requesting Party for any costs the Requesting Party incurs pursuant to this User Agreement.

13. Disclaimers

SSA is not liable for any damages or loss resulting from errors in information provided to the Requesting Party under this User Agreement. Furthermore, SSA is not liable for damages or loss resulting from the destruction of any materials or data provided by the Requesting Party. All information furnished to the Requesting Party will be subject to the limitations and qualifications, if any, transmitted with such information. If, because of any such error, loss, or destruction attributable to SSA, SSA must re-perform the services under this User Agreement, the additional cost thereof will be treated as a part of the full costs incurred in compiling and providing the information and will be paid by the Requesting Party.

SSA’s performance of services under this User Agreement is authorized only to the extent that they are consistent with performance of the official duties and obligations of SSA. If for any reason SSA delays or fails to provide the services, or discontinues all or any part of the services, SSA is not liable for any damages or loss resulting from such delay, failure, or discontinuance.

Nothing in this User Agreement is intended to make any person or entity who is not a signatory to this User Agreement a third-party beneficiary of any right created by this User Agreement or by operation of law.

14. Integration

This User Agreement and the accompanying Form SSA-1235 constitute the entire agreement of the parties with respect to its subject matter. There have been no representations, warranties or promises made outside of this User Agreement. This User Agreement shall take precedence over any other documents that may be in conflict with it.

15. Resolution Mechanism

In the event of a disagreement between the parties to this User Agreement, the parties will meet and confer to attempt to negotiate a resolution. If the parties cannot agree on a resolution, the parties will submit the dispute in writing to the Deputy Commissioner, Office of Budget, Finance and Management, of SSA, who will render a final determination binding on both parties.

16. Persons to Contact

1. SSA Contacts

1. CBSV Project and Technical Support Team

Electronic Mail: [email protected] or [email protected]

Call: 888-772-2970

2. User Agreement Liaison

CBSV Agreement Coordinator

P. O. Box 33006

Baltimore, MD 21290-3006

Telephone: 866-395-8801

Electronic Mail: [email protected]

3. Billing and Payment Issues

Office of Finance

Attention: CBSV

2-M-2 East Low Rise

6401 Security Blvd.

Baltimore, MD 21235-6401

410-597-1673

Electronic Mail: [email protected]

NOTE: Advance payment (by company check or company credit card) is required.

Company checks must be mailed to the following address with a copy of the signed SSA-1235 (Agreement Covering Reimbursable Services):

Social Security Administration

6401 Security Blvd.

P.O. Box 17042

Baltimore, Maryland 21235

2. Requesting Party Contacts

Company Name: __________________________________________

Responsible Company Official: __________________________________________

Title: __________________________________________

Address: __________________________________________

__________________________________________

__________________________________________

Telephone: __________________________________________

Fax: __________________________________________

Electronic Mail: __________________________________________

17. Authorizing Signatures and Dates

The signatories below warrant and represent that they have the competent authority on behalf of their respective entities to enter into the obligations set forth in this User Agreement.

For Social Security Administration:

_________________________________ Date __________

(Signature)

Van Nguyen

Associate Commissioner, Office of Central Operations

For Requesting Party:

_________________________________ Date __________

(Signature)

Name: ________________________________

Title: _______________________________________

Company Name: ______________________________

Attachment A - Form SSA-88

Form Approved

OMB #0960-0760

Pre-Approval Form For

Consent Based Social Security Number Verification (CBSV)

COMPANY REGISTRATION

Name of the Company

Company Address (P.O. Box alone is not acceptable) Address Line 1 __________________________________________________ Address Line 2 __________________________________________________ City, State, Zip __________________________________________________

EIN (Employer Identification Number) (Provide primary EIN if your company uses more than one.)

EMPLOYEE(S) AUTHORIZED TO USE CBSV List the names of all employees unless your company will access CBSV solely through a web service platform. Note: If your company will access CBSV solely through a web service platform, please provide corresponding information of the Responsible Company Official as the employee authorized to use CBSV.

Name of Employee(s) Authorized to Use CBSV:

Telephone Number of Employee(s) Authorized to Use CBSV: (include area code)

Email Address of Employee(s) Authorized to Use CBSV:

AUTHORIZED SIGNATURE OF RESPONSIBLE COMPANY OFFICIAL

7. ______________________________________ Name of Responsible Company Official (print or type) ______________________________________ Signature of Responsible Company Official ______________________________________ _________________ Title Date ______________________________________ Telephone Number (include area code) ______________________________________ Email Address See SSA’s CBSV User Guide for information regarding the extent and nature of employee’s authority to use CBSV. Notify us if your authorized employee leaves your company or if you choose to revoke any or all of your employee's authorization to use SSA's Business Services Online (BSO).

Form SSA-88

Privacy Act Notice

The Social Security Administration (SSA) is allowed to collect the information on this form under Sections 205 and 1106 of the Social Security Act and the Privacy Act of 1974 (5 U.S.C. § 552a). We need this information to register your company and your authorized employee(s) to use our system for verifying Social Security Numbers and to contact you, if necessary. Giving us this information is voluntary. However, without the information we will not be able to provide this service to your company. SSA may also use the information we collect on this form for such purposes authorized by law, including to ensure the appropriate use of the service.

Paperwork Reduction Act Notice

This information collection meets the clearance requirements of 44 U.S.C. 3507, as amended by section 2 of the Paperwork Reduction Act of 1995. You are not required to answer these questions unless we display a valid Office of Management and Budget control number. We estimate that it will take you about 5 minutes to complete this form. You may send comments on our time estimate above to: SSA, 6401 Security Blvd., Baltimore, MD 21235-6401. Send only comments relating to our time estimate to this address, not the completed form.

Attachment B - Form SSA 89

Form Approved

OMB #0960-0760

Social Security Administration

Authorization for the Social Security Administration (SSA)

To Release

Social Security Number (SSN) Verification

Printed Name ____________________Date of Birth______________SSN ___________

I am conducting the following business transaction

____________________________________________________________________________

[Identify a specific purpose. Example—seeking a mortgage from the Company– “identity verification” or “identity proof or confirmation” is not acceptable.].

with the following company (“the Company”):

Company Name Address

I authorize the Social Security Administration to verify my name and SSN to the Company and/or the Company’s Agent, if applicable, for the purpose I identified.

The name and address of the Company’s Agent is:

_____________________________________________________________________________

I am the individual to whom the Social Security number was issued or the parent or legal guardian of a minor, or the legal guardian of a legally incompetent adult. I declare and affirm under the penalty of perjury that the information contained herein is true and correct. I acknowledge that if I make any representation that I know is false to obtain information from Social Security records, I could be found guilty of a misdemeanor and fined up to $5,000.

This consent is valid only for 90 days from the date signed, unless indicated otherwise by the individual named above. If you wish to change this timeframe, fill in the following:

This consent is valid for _______ days from the date signed. _______ (Please initial.)

Signature __________________________________ Date Signed ___________________

Relationship (if not the individual to whom the SSN was issued): ____________________

Contact information of individual signing authorization:

Address ______________________________________________

City/State/Zip ______________________________________________

Phone Number ______________________________________________

Form SSA-89 (Page 1 of 2)

Privacy Act Statement

SSA is authorized to collect the information on this form under Sections 205 and 1106 of the Social Security Act and the Privacy Act of 1974 (5 U.S.C. § 552a). We need this information to provide the verification of your name and SSN to the Company and/or the Company’s Agent named on this form. Giving us this information is voluntary. However, we cannot honor your request to release this information without your consent. SSA may also use the information we collect on this form for such purposes authorized by law, including to ensure the Company and/or Company’s Agent’s appropriate use of the SSN verification service.

Paperwork Reduction Act Statement - This information collection meets the requirements of 44 U.S.C. § 3507, as amended by section 2 of the Paperwork Reduction Act of 1995. You do not need to answer these questions unless we display a valid Office of Management and Budget control number. We estimate that it will take about 3 minutes to complete the form. You may send comments on our time estimate above to: SSA, 6401 Security Blvd., Baltimore, MD 21235-6401. Send to this address only comments relating to our time estimate, not the completed form.

………………………………………………TEAR OFF ………………………………

NOTICE TO NUMBER HOLDER

The Company and/or its Agent have entered into an agreement with SSA that, among other things, includes restrictions on the further use and disclosure of SSA’s verification of your SSN. To view a copy of the entire model agreement, visit http://www.ssa.gov/bso/cbsvPDF/agreement.pdf

Form SSA 89 (Page 2 of 2)

Attachment C - Form SSA-1235

Social Security Administration

AGREEMENT COVERING REIMBURSABLE SERVICES
JOB NUMBER	CAN: SOC: SSA DUNS/BPN: SSA TAS: SSA BETC: SSA ALC: SSA EIN:
REQUESTING ORGANIZATION
PROGRAM CONTACT NAME/ADDRESS	FINANCIAL CONTACT NAME/ADDRESS
ACCOUNTING DATA (for Government Agencies) Appropriation/TAS: ALC: BETC: DISB DUNS/BPN:	EMPLOYER IDENTIFICATION NUMBER (EIN):
	BEGINNING AND ENDING DATES
TYPE OF SERVICE REQUESTED
PROJECT TITLE OR KIND OF SERVICES
DESCRIPTION OF SERVICES
REFERENCES TO CORRESPONDENCE ON THIS MATTER
SSA PROJECT COORDINATOR
NAME	OFFICE
SSA CONTACT FOR INFORMATION PERTAINING TO THIS AGREEMENT
NAME	OFFICE
E STIMATED COST AND FINANCING OF SERVICES
ESTIMATED COST OF SERVICES:	FINANCING (Check one):		ADVANCE (In Full) P AYMENT (Quarterly)			x
			IPAC
SSA AUTHORIZATION
PRINTED NAME TITLE
SIGNATURE				DATE
ACCEPTANCE - FOR USE OF REQUESTING ORGANIZATION
Please provide the services requested above. We agree to pay you the full cost of such services in the amount estimated above prior to any work being performed; and we also agree to all of the terms and conditions stated in the accompanying Memorandum of Agreement.
NAME OF ORGANIZATION'S PROJECT COORDINATOR		TITLE
NAME & SIGNATURE OF AUTHORIZING OFFICIAL		TITLE			DATE

Form SSA-1235 (11-2010) Destroy Prior Editions

Attachment D - Attestation Statement (COMPANY)

ATTESTATION STATEMENT FOR

USING THE SSN VERIFICATION PROCESS

Name and address of company requesting services:

______________________________________________________________________ ______________________________________________________________________

______________________________________________________________________

______________________________________________________________________

I understand that the Social Security Administration will verify Social Security Numbers solely to ensure that the records of my Clients or my Principal’s Clients are correct for the purpose(s) indicated on the Consent Forms, Form SSA-89 (Authorization for SSA to Release SSN Verification), obtained from the Clients.

The information received from records maintained by the Social Security Administration is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an Agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000.

[Please clearly print or type your Responsible Company Official's name, title, and phone number and have him/her sign and date below.]

Name_________________________________________________________________ Title__________________________________________________________________ Phone Number__________________________________________________________

Signature__________________________________________Date_________________

Attachment E - CBSV Compliance Review (Audit) --Criteria

General:

1. The Requesting Party shall bear all costs associated with the compliance review in accordance with the User Agreement signed with the Social Security Administration.

2. The Requesting Party shall provide a copy of all applicable User Agreements in their entirety to the reviewing certified public accountant (CPA).

3. The CPA must adhere to the professional standards established by the American Institute of Certified Public Accountants and other applicable standards.

4. The CPA shall determine the procedures by which the following compliance review criteria will be verified including the sample size for each criterion and how each sample will be drawn. SSA will provide the size of the universe (i.e., the total number of SSNs verified by the company during the period to be audited) to assist the CPA in determining a statistically valid sample size. The CPA has the option of requesting additional SSA data to assist in the compliance review.

5. Terms that have a special meaning in the User Agreement are defined in Section I.B. of the User Agreement.

Compliance Review Criteria:

1. Verify that the Principal (the company’s client) used the SSN verification for the purpose(s) specified on the SSA-89 signed by the individual.

2. Send confirmation letters (or use other form of re-contact) to a limited number of individuals signing Form SSA-89 to verify that the Client gave authorization to obtain the SSN verification and release it to the Requesting Party (if applicable) and the Principal for the stated purpose.

3. Confirm that a signed Form SSA-89 was used to obtain consent in all cases.

4. Verify that the Requesting Party used the SSN verification only for the purpose(s) specified on the SSA-89 signed by the individual.

5. Review and confirm that the SSA-89 was completed in its entirety, without alterations, including signature, date, contact information for the authorizing party and the stated purpose.

6. Confirm that the purpose stated on the SSA-89 identifies a specific purpose (e.g., “mortgage application”) and is not a general purpose (e.g., “identity verification” or “identity proof or confirmation”).

7. Verify that the submission date for the SSN verification was after the date the SSA-89 was signed and dated.

8. Verify that the submission date for the SSN verification was not more than 90 days after the SSA-89 was signed and dated unless the authorizing individual specified an alternate timeframe. If so, verify that the submission date was within the alternate timeframe.

9. Verify that the company is retaining consent forms for seven years from the date of the SSN verification.

10. Document the Requesting Party’s record retention policy, and verify the procedures are followed as it relates to the particular circumstances outlined below:

1. Paper – Verify that the consent forms are stored in a locked fireproof storage cabinet, and confirm that only authorized personnel have access to these files as stated on the SSA-88.

2. Electronic – Verify that the consent forms are password protected, and confirm that only authorized personnel have access to these files as stated on the SSA-88. Verify passwords issued to personnel who no longer work for the company or no longer work in the capacity to have access to the files are voided. Verify that consent forms converted to electronic media have been destroyed. Verify that disaster recovery procedures are in place and are being followed.

3. Removable Electronic Media – Verify that all data has been encrypted, and confirm that such removable electronic media is stored in a locked, fireproof storage receptacle. Confirm that only authorized users have access to this media. Verify that the paper consent forms have been properly destroyed after being stored electronically.

11. Verify that 1) the Attestation Statement is current and, 2) that the signer’s authority includes authority to financially bind the company and bear responsibility for CBSV SSN verification.

12. Verify that the SSA-88s are current (employee is still employed by the company and is still performing CBSV duties).

13. Verify that the access code sent to the Designated Company Official has only been given to the Authorized User and is properly safeguarded from improper disclosure.

14. For Requesting Parties that are not Principals, review the agreements between the company and its Principals (clients) to ensure the agreements include the restrictions on, and penalties for, reuse and redisclosure.

15. For Requesting Parties that are not Principals, ensure the company has not informed the Principal (client) of the result of the SSN verification prior to receiving the SSN verification from SSA.

16. For Requesting Parties that are not Principals, ensure the company has correctly relayed to the Principal (client) the information regarding the SSN verification received from SSA.

17. Verify that the Requesting Party’s audit trail and retrieval capabilities by requesting a demonstration of the system’s tracking of the activity of Authorized Users who request information or view SSA-supplied information within Requesting Party’s system.

Report Requirements:

1. The CPA shall provide a report containing the results of the review to SSA within 30 days after the review is conducted.

2. The report shall conform to the American Institute of Certified Public Accountants and other applicable standards.

3. At its discretion, SSA may request copies of the reviewer’s work papers and test plans.

4. Any questions regarding review activities as well as the final review report shall be directed to:

SSA

OPSOS, Fee Based Disclosure Team

4334 Annex Building

6401 Security Blvd.

Baltimore, MD 21235-6401

Name, Email and Telephone: will be provided when agreement is signed

APPENDIX A – External Testing Environment (ETE) – (For Web Service Users Only)

OMB #0960-0760

______________________________________________________________________

CBSV User Agreement

Between the Social Security Administration (SSA)

And

External-to-SSA Developers

For External Testing Environment (ETE)

______________________________________________________________________

1. Purpose

The External Testing Environment (ETE) provides a dedicated test environment to be used by external-to-SSA developers for Consent Based Social Security Number Verification (CBSV) web services to test their software independent of SSA’s development activities. The ETE gives the external developers the flexibility to test on an “as needed” basis to make sure their software remains up-to-date and continues to provide accurate data on behalf of the public to SSA systems.

The purpose of this User Agreement is to establish the conditions, terms, and safeguards under which the Social Security Administration (SSA) will provide access to external-to-SSA developers for testing within the ETE.

2. Definitions

Name	Description
SSA	Social Security Administration
External to SSA Developer (ETSSAD)	Employee designated by Requesting Party to process submissions.
Requesting Party	Company desiring to access and use the ETE as represented by an Officer or Employee of Company possessing authority to make legally binding commitments on behalf of the Company.
Application Sponsor	Owner of SSA application with authority to approve ETSSAD request
ETE Administrator	Employee responsible for the management of the External Testing Environment
Credentials	Personal Identification Number (PIN) and Password to access SSA systems.

3. Technical Specifications and Systems Security & Related Business Process Requirements

The Requesting Party shall secure, at its own expense, the necessary hardware, software, etc. to establish connection to the ETE. The Requesting Party must have, and shall provide at its own expense, Internet access in order to access the ETE. The Requesting Party shall provide SSA with a valid e-mail address for its representative so that SSA may communicate with the Requesting Party via electronic mail. 

 All Requesting Party site preparation, connection, and operating costs, as well as any other miscellaneous costs incurred by the Requesting Party to enable its participation in the ETE, are the responsibility of the Requesting Party.

SSA shall give access to ETE documentation to the Requesting Party, which SSA may amend from time to time at its discretion without amendment to this User Agreement. The requirements for submitting files, checking status, and retrieving results are set forth in the User’s Guide.

General Participation Requirements

In order to meet general expectations for participation, the ETSSAD will need to:

• Execute test scenarios over a stated period on a repetitive basis to ensure connectivity to SSA systems.

• Interpret test results and accurately report issues encountered during Web service testing in enough detail that they can be reproduced.

• Provide feedback to SSA regarding the application’s reliability, stability, and user experience.

• Provide feedback to SSA regarding product enhancements, documentation, and help systems.

• Be able to react to SSA’s software changes.

• Have technical team members available to work with the SSA technical team to troubleshoot and resolve any connectivity or compatibility challenges incurred during the testing process.

Environment and Platform

In order to meet the environment requirements the ETSSAD must:

• Have a Web service development environment that supports development using a .NET and/or Java-based industry standard technologies.

• Have a test environment that can be setup to connect to SSA’s testing environment. If necessary, the ETSSAD test environment should be configured to use digital certificates generated by SSA for testing purposes.

Web Service Specific Expertise

The Requesting Party must have the following technical expertise in developing Web service clients for external Web services that have the following characteristics:

• Conformance to the World Wide Web Consortium (W3C) Web service standards (Simple Object Access Protocol (SOAP), Web Service Definition Language (WSDL), Web Service Security [WS-Security]).

• A transport layer security using Hypertext Transfer Protocol Secure (HTTPS), using Secure Socket Layer (SSL) Certificates signed by well-known Certification Authorities (CAs).

• Protected Web services that require the following authentication mechanisms:

• Client Authentication using the Personal Identification Number (PIN)/Password as a part of the WS-Security SOAP header, and;

• Strong Authentication (using X.509 Client Certificates), which authenticates the ETSSAD based on a digital signature over the SOAP body and timestamp element.

• Experience in successful Web service testing.

Ability to meet SSA’s Schedule

The ETSSAD must work within SSA’s schedule constraints. The applicant therefore must be able to:

• Perform testing during the agreed-upon time frame with help support available on weekdays between 9 A.M. and 5 P.M. Eastern Standard Time (EST),

• Support a flexible test schedule, and

• Participate in pre-scheduled technical status conference calls for the duration of testing.

4. Responsibilities

Requesting Party’s Responsibilities:

The Requesting Party agrees to create electronic file(s) to be used to test an SSA developed web service. The Requesting Party may be asked to process SSA generated test data when required.

All requests will conform to the submission requirements outlined in the ETE documentation which the Requesting Party will have access to upon successful registration for access to the ETE.

The Requesting Party agrees to provide the name, phone number, email address, and timeframe for testing. Further, the Requesting Party agrees to notify SSA if there is any change to employment status (including but not limited to, for example, long-term absence, termination of employment, change of duties relevant to ETE) for any ETSSAD authorized to use ETE. The Requesting Party will also notify SSA if they wish to revoke any employee’s authorization to use SSA’s ETE. The registration process will be completed by issuance of a unique access code by SSA to the Requesting Party. The Requesting Party is required to provide this code to the ETSSAD as authentication of the employee’s relationship to the Requesting Party as well as being authorized by the Requesting Party to submit such requests.

SSA may change its method of receiving verification requests and providing the results to the Requesting Party at any time. The Requesting Party shall be responsible for any costs generated by SSA's decision to change its method of using the ETE.

Requesting Party Acknowledgements:

1. The Requesting Party acknowledges that Section 1140 of the Social Security Act authorizes SSA to impose civil monetary penalties on any person who uses the words "Social Security" or other program-related words, acronyms, emblems and symbols in connection with an advertisement, solicitation or other communication, "in a manner which such person knows or should know would convey, or in a manner which reasonably could be interpreted or construed as conveying, the false impression that such item is approved, endorsed, or authorized by the Social Security Administration . . . ." 42 U.S.C. § 1320b-10(a); and

2. The Requesting Party acknowledges that it is specifically prohibited from using the words "Social Security" or other program-related words, acronyms, emblems and symbols in connection with an advertisement for products or services; and

3. The Requesting Party acknowledges that the information received from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any information from SSA under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000.

Note: These acknowledgements shall extend to ETSSAD that are not the Requesting Party.

SSA’s Responsibilities:

SSA mission-related work will have priority over ETE requests on SSA’s information systems and, therefore, SSA does not guarantee that ETE request results will be available to the Requesting Party within a specified time frame. SSA’s posting of ETE request results may be delayed while SSA performs mission-related work, or while SSA performs systems maintenance.

SSA agrees to provide limited Security and Application specific Help support to ETSSAD. The intent of this support is not to troubleshoot the Requesting Party’s application, rather to verify that SSA’s environment is operational. ETSSAD are expected to develop their Web Service Definition Language (WSDL) based on documentation provided by SSA after successful registration.

5. Duration of Agreement and Suspension of Services

Duration of Agreement

This User Agreement is effective upon signature of the Requesting Party and issuance of security credentials and ends in the following situations:

• The time frame stated by the Requesting Party during the registration process has ended, leading to the account being suspended.

• SSA cancels any ETE application or the entire environment at any time. However, SSA will make a reasonable effort to provide 5 days notice prior to such action.

• The Requesting Party gives notice of its decision to cancel its Agreement. In the event that the Requesting Party gives notice of its intent to cancel the Agreement, the Agreement shall terminate immediately or at the specified notice date;

• SSA and the Requesting Party mutually agree to cancel the Agreement;

• Cancellation of the Agreement is required by law and shall be effective as specified.

This agreement will come to an end if determined that the ETSSAD does not demonstrate the technical and environmental expertise as stated in Section III of this document.

Note: The completion of application testing within the ETE has no bearing on access to SSA Production systems. ETSSAD’s must apply for access to SSA Production systems.

Suspension of Services

Not withstanding any other provision of this Agreement, SSA may unilaterally suspend access of the Requesting Party to ETE services at the Agency’s discretion. Suspension will be effective immediately upon notice by SSA to the Requesting Party and will remain in effect until lifted by SSA. During the suspension period, notifications will be sent to all ETSSAD who have used the ETE environment on updates relating to the application tested.

The Requesting Party specifically waives any right to judicial review of SSA’s decision to suspend or cancel this Agreement.

6. Amendments to Agreement

Unilateral Amendments

SSA reserves the right to make the following types of unilateral amendments to this Agreement at any time:

• Minor administrative changes (for example, changes to SSA mailing addresses, email addresses, names of personnel, locations, etc.); and/or

• Process changes (for example, how submissions are to be received and results provided to business partners)

Unilateral amendments will be sent to the Requesting Party to notify them of the change. If the Requesting Party chooses to cancel this Agreement as a result of a unilateral amendment, notice to SSA is required.

7. Indemnification

Notwithstanding any other provision of this User Agreement, the Requesting Party agrees to indemnify and hold SSA harmless from all claims, actions, causes of action, suits, debts, dues, sums of money, accounts, covenants, contracts, controversies, agreements, promises, representations, restitutions, damages, costs, fees, judgments, and any other liabilities associated with, or resulting directly or indirectly from, any action, including but not limited to, actions involving the disclosure of information released by the Requesting Party. SSA shall not be responsible for any financial loss or other loss incurred by the Requesting Party, whether directly or indirectly, through the use of any data furnished pursuant to this User Agreement. SSA shall not be responsible for reimbursing the Requesting Party any costs incurred by the Requesting Party pursuant to this User Agreement.

8. Disclaimers

SSA is not liable for any damages or loss resulting from errors in information provided to the Requesting Party under this User Agreement. Furthermore, SSA is not liable for damages or loss resulting from the destruction of any materials or data provided by the Requesting Party. All information furnished to the Requesting Party will be subject to the limitations and qualifications, if any, transmitted with such information.

The delivery by SSA of services described herein and the timeliness of the delivery are authorized only to the extent that they are consistent with proper performance of the official duties and obligations of SSA and the relative importance of this request to others. If for any reason SSA delays or fails to provide services, or discontinues the services or any part thereof, SSA is not liable for any damages or loss resulting from such delay or for any such failure or discontinuance.

9. Integration

This User Agreement constitutes the entire agreement of the parties with respect to its subject matter. There have been no representations, warranties or promises made outside of this User Agreement. This User Agreement shall take precedence over any other documents that may be in conflict with it.

10. Resolution Mechanism

In the event of a disagreement between the parties to this User Agreement, the parties shall meet and confer to attempt to negotiate a resolution. If the parties cannot negotiate a resolution, the dispute shall be submitted in writing to the Deputy Commissioner of Systems, who will render a final determination binding on both parties.

11. Persons to Contact

SSA Contacts:

ETE Project Team

Electronic Mail: [email protected]

12. Authorizing Signatures and Dates

The signatories below warrant and represent that they have the competent authority on behalf of their respective agencies or companies to enter into the obligations set forth in this User Agreement.

____________________________________ ____________________________________
Requesting Party SSA Representative

Company

File Type	application/msword
File Title	CBSV USER AGREEMENT
Author	m p walker
Last Modified By	889123
File Modified	2013-12-24
File Created	2013-12-24