TN 2 (01-17)
GN 03314.120 Disclosure Without Consent to State and Local Protective Social Services Agencies
A. Disclosure policy
1. Disclosure when the Social Security Administration (SSA) suspects abuse or neglect
SSA and Disability Determination Services (DDS) employees may encounter situations in which a child or other vulnerable person may be the victim of neglect or abuse. For example, staff may observe a physical attack on a child, or see a child with unexplained serious bruises or other injuries.
a. What may be disclosed
In these cases, SSA may disclose the name and address of the alleged victim,
and the reason(s) why we suspect abuse, to the appropriate State or local protective social service agency. SSA should disclose only the minimal information necessary to make the report. The State can then decide whether to pursue the matter and whether to request additional information from SSA.
Disclosure of the above-referenced information is permissible based on the health maintenance and income maintenance routine use cited in the following systems of records:
60-0058—Master Files of Social Security Number (SSN) Holders and SSN Applications System,
60-0089—Claims Folders System,
60-0090—Master Beneficiary Record,
60-0103—Supplemental Security Income Record and Special Veterans Benefits, and
60-0320—Electronic Disability Claim File.
5 U.S.C. § 552a(b)(3); 20 C.F.R. § 401.150.
If the information to be disclosed originated in a system of records other than those listed here, the disclosure may be made based on the health and the safety exception to the Privacy Act of 1974 and notice of the disclosure must be provided to the individual whose record is disclosed. 5 U.S.C. § 552a(b)(8); 20 C.F.R. § 401.160. For more information about making disclosures under the health and safety exception to the Privacy Act, see GN 03316.135.
b. Who May Disclose the Information
Except as authorized in GN 03314.120A.1.b.3) in this section, field office (FO) and other SSA employees should not make a direct report of suspected abuse or neglect to the appropriate State or local agency, without first consulting with the appropriate management official(s).
FO employees who become aware of potential abusive situations should consult with FO management, followed by the Regional Office, before reporting allegations.
DDS employees should refer the situation to DDS management, who should refer the situation to the regional Privacy Act Coordinator (PAC). Except as authorized in GN 03314.120A.1.b.3) in this section, or expressly authorized by DDS management, DDS medical consultants and consultative examiners may not make direct reports of SSA information concerning suspected abuse or neglect situations, even when State law requires them to do so. The Privacy Act and SSA’s disclosure regulations govern disclosure of information pertaining to consultative examinations performed for SSA, rather than State law and policy. 20 C.F.R. §§ 401.20(b)(iii), 404.1631. Thus, DDS medical consultants and consultative examiners must consult with DDS management who will request the regional PAC’s guidance concerning these disclosures.
Exception for SSA or DDS employees subject to Federal Reporting Obligations
Certain individuals are subject to a duty to report suspected child abuse under Federal law, 42 U.S.C. § 13031. This duty applies to individuals “who, while engaged in a professional capacity or activity described in subsection [13031(b)] on Federal land or in a federally operated (or contracted) facility, learns of facts that give reason to suspect that a child has suffered an incident of child abuse.” Covered professionals under subsection 13031(b) include but are not limited to physicians, medical examiners, psychologists, and psychiatrists. When a duty to report exists, the report must “be made to the local law enforcement agency or local child protective services agency that has jurisdiction to investigate reports of child abuse or to protect child abuse victims in the land area or facility in question.” 28 C.F.R. § 81.2. SSA or DDS employees who are subject to child abuse reporting obligations in 42 U.S.C. § 13031 may make a direct report, when required to do so under this statute. If there is a question about whether an SSA or DDS employee is required to report under this statute, the employee or their management should consult with the Office of General Law or their Regional Chief Counsel.
Further, even when an SSA or DDS employee is authorized to make a direct report, the employee must still report the disclosure to their management and comply with the Privacy Act and SSA’s regulations. If a disclosure is made based on the health and safety exception to the Privacy Act (versus a routine use), notice of the disclosure must be provided to the individual whose record was disclosed, even if a duty to report existed.
2. Disclosure when State and local Protective Social Service Agencies request information
State agencies administering protective social services may initiate requests for information concerning abuse or neglect situations. We may disclose certain information from our records on individuals who may need these services, such as children and the elderly. Disclosure is permissible under the health maintenance and income maintenance routine use cited in a number of our systems of records. Disclosure under this routine use does not include providing information on individuals who may be suspected of abuse.
If the protective social services agency requests information on the potential perpetrator of the abuse, it may be possible to disclose the relevant information under the health and safety exception of the Privacy Act. In these situations, consult with the regional PAC to determine if disclosure is permissible.
NOTE: If the protective social services agency provides the consent of the individual whose information is requested, we may disclose any information that is relevant to the request.