BASIC (06-10)

GN 00401.035 Security and Disclosure Considerations in Disasters

Be alert to attempts to obtain sensitive information or gain access to SSA systems because of a disaster and remember

  • Always verify the identity of telephone callers requesting information.

  • Never disclose your password to anyone for any reason.

  • Always report suspected instances of tricks or scams to your manager or security officer immediately.

  • Always caution applicants for SSN printouts or replacement cards to safeguard their confidential information as a protection against identity theft.

A. Verifying Identity during a disaster

When a person calls SSA to obtain personal information from our records, verify the person’s identity. Follow these procedures:

  • If the caller is an SSA Employee from another office and is an employee whom you know, and you are certain of his or her identity, disclose the information without further development.

  • If you do not know the SSA Employee, verify caller identity using the SSA Employee Identification Data Base (SEID). See, RSDHI Claims Application (APPL) (Filing for Self Only) MSOM MCS 005.010. Once SEID verifies the identifying data, release the information.

  • If the data does not match the information on the system, but the caller still maintains that he or she is an SSA employee, ask for the name and telephone number of the caller's supervisor and call back. Establish the identity of the supervisor using the SEID. (If you establish that the employee's name was omitted from the SEID, the employee's supervisor should take action to correct the SEID.)

In these situations, you can provide the requested information either to the supervisor or the employee. Refer suspicious calls to your supervisor for necessary action.

See Details

GN 03360.005, Releasing Information by Telephone

B. Handling email scams during a disaster

During times of disaster, you may encounter different kinds of electronic scams.

  1. Do not respond to any email soliciting donations.

  2. Do not open email attachments if you are unsure of the sender.

  3. Send all suspicious emails to ^Report Scam.

To trace the origin of the email message, DO NOT “Forward” the email (this will delete the original internet header information). INSTEAD:

  • Highlight the email for referral.

  • From the Outlook menu, select ‘Edit’.

  • Select ‘Copy’.

  • Open a new message in Outlook and address to ^Report Scam

  • From the Outlook menu, select ‘Edit’.

  • Select ‘Paste’, then Select 'Send'

To Link to this section - Use this URL:
GN 00401.035 - Security and Disclosure Considerations in Disasters - 06/14/2010
Batch run: 06/14/2010