When the Social Security Act was signed into law in 1935, the U.S. government assured Americans that the number would be used solely for tracking workers in order to assure accurate federal retirement benefits. Since then, the Social Security number has evolved into a de facto national tracking system that is used for everything from credit applications to Kindergarten enrollment. Many federal laws govern citizens’ use of their numbers, but there are no federal laws that govern how an employer can use your Social Security number. However, some state laws govern an employer's use of your Social Security number, and there are guidelines employers should follow to protect your privacy.
Federal laws protect citizens from misuse of their Social Security numbers. If an employer uses a Social Security number to obtain fraudulent documents or financial instruments or posts the number publicly, which makes it vulnerable to identity theft, it could be a violation of U.S. Cyber Crimes Law. Additionally, if the misuse includes medical information of any kind, employers may be in violation of Health Insurance Portability and Accountability Act (HIPAA) laws. However, if the Social Security number is simply posted on a public bulletin board, there is no national statutory recourse unless your employee can prove a direct correlation to financial damage.
In 2001, California adopted laws that make it a crime to post an employee’s Social Security number or to use it as an identification number or Internet password. It is also illegal to encode the number into any documentation even using a bar code and only the last four digits can be used on pay stubs or statements. Since that time, Michigan, Texas and nine additional states have adopted similar laws. Check state statutes for location-specific legislation.
The proliferation of identity theft compelled the Social Security Administration to compile a listing of Best Practices for employers’ use in meeting their responsibilities to protect employees’ Social Security numbers. Employers are encouraged to use numbers other than SSNs for employee identification purposes and encrypt all personal data that must be transmitted electronically. Additionally, the SSA suggests that employees sign confidentiality agreements if their jobs require them to have access to the Social Security numbers of others. The SSA also suggests that a privacy compliance position be instituted to provide executive oversight of sensitive document handling.
Preventing a Breach
To ensure that employee Social Security numbers are protected, employers must stay up to date on best practices as provided by the Social Security Administration and implement new procedures when needed. One step is to inventory your equipment so you know not only what hardware and software you are using, but also which version you are running. Ensure your infrastructure is secure. Even the newest computers and latest software may be missing security patches, so download and install any you discover missing. Finally, hold monthly meetings to update and train employees on cyber security procedures as threats may be internal as well as external.
- Social Security: Brief Graphic Organizational History
- Oranization of American States: Cybercrime Laws of the Unit ed States
- Pillsbury: Employee Data Privacy—An Overview of Employer Responsibilities
- Privacy Rights Clearinghouse: Fact Sheet 10: My Social Security Number - How Secure Is It?
- California State University Long Beach: Protecting the Confidentiality of Social Security Numbers
- Social Security: Avoid Identity Theft: Protect Social Security Numbers
- Consumers' Union: State laws restricting private use of Social Security numbers
- Business News Daily: Small Business Data Breach: Mitigating the Damage
- Photo Credit larryhw/iStock/Getty Images
How to Correct an Incorrect Social Security Number on a W-2 Form
Verifying and photocopying a new employee’s Social Security card instead of simply writing down the number is good business practice. It can...
Employer's Responsibilities on Confidentiality
From the first pre-employment interview, your company will accumulate information about its employees. The longer they work for you, the more information...
How Does Social Security Tax Appear on My Paycheck?
All employers are required to withhold Social Security tax from employees’ paychecks, unless an exemption applies. If you receive a paycheck stub...