Basic (11-23)

DI 39518.045 Disclosure of Information - DDS


Social Security Act, section 1106;
Regulation number 1 (42 USC 1306, 20 CFR 401);
Regulations 20 CFR 404.1631 and 416.1031; 404.1633 and 416.1033

A. Policy principle

Confidentiality of Information

The State will comply with the confidentiality of information, including the records requirements described in 20 CFR Part 401 and pertinent written guidelines.

B. Operating policy

1. Freedom of Information/Privacy Act

All records maintained by the DDS that directly relate to processing disability cases are subject to all written and pertinent guidelines regarding confidentiality of information.

Maintain records for 6 years, unless tied to an open audit, per DI 39509.015A2.

Annotate the provider file with the date and name of the DDS employee.

2. Confidentiality requirements pertaining to CE physicians

a. CE physician responsibility

The CE source is responsible for the protection of the confidentiality of records obtained in the administration of social security program to the same degree as an employee of the DDS services or of SSA.

b. Prohibition

The disclosure of information obtained in the administration of social security programs, except as prescribed by regulations, is prohibited.

c. Penalty

Unauthorized disclosure is a crime.

C. Operating procedure

1. Requirements when adding new CE panelist

  1. a. 

    Require a written statement from all new CE physicians acknowledging that they will follow the confidentiality guidelines.

  2. b. 

    Retain a copy of the signed agreement in the DDS records.

  3. c. 

    Incorporate the signed acknowledgement into:

    • the contracts or agreements with the physician, or

    • a document executed separately by the source.

  4. d. 

    Continue to furnish newly hired CE sources with the Medical Relations Handbook explaining the rules and policy on disclosure of medical information.

2. Example

Language used in new CE panelist acknowledgement can take the following form:

“I acknowledge and understand that the Social Security Act and its implementing Regulation No.1 (42 U.S.C. 1306; 20 C.F.R. 401) prohibit the unauthorized disclosure of information obtained in the administration of Social Security programs and make such disclosure a crime. These prohibitions extend to any background data furnished to the provider in conjunction with the performance of the services contracted for herein, and to any reports generated as a result of providing such services, including any copies of such reports retained by the provider. Unauthorized disclosure of such records by the provider is prohibited. I further acknowledge and understand that should referral of any individual, or data pertaining to an individual, to any third party provider, (for additional diagnostic studies, clerical or transcription services, messenger services, etc.) become necessary in providing services contracted for herein, such third-party provider must be made aware that services are being performed in connection with a Social Security program, and that improper disclosure of information about the subject individual is prohibited.”

D. Related procedure

See related procedures on access and disclosure of confidential information and official records

  • GN 03301.045 Penalties for Violation of the Information Laws

  • GN 03314.120 Disclosure Without Consent to State and Local Protective Social Services Agencies

To Link to this section - Use this URL:
DI 39518.045 - Disclosure of Information - DDS - 11/14/2023
Batch run: 11/14/2023