Identifying Beneficiaries

Floor Speech

IDENTIFYING BENEFICIARIES -- (Senate - July 08, 2008)

Mr. DURBIN. Mr. President, the inspector general of the Social Security Administration recently issued a report taking the Centers for Medicare and Medicaid Services to task for its failure to take steps to implement the inspector general's recommendation that the agency stop using Social Security numbers as a beneficiary identifier. I support the inspector general's efforts and would like to bring this issue to the attention of my colleagues.

Social Security numbers were originally created to administer the Social Security Program. Over time, the public and private sectors began to use Social Security numbers for a variety of other purposes.

Use of Social Security numbers is a convenient method to identify individuals. But wide-spread use of Social Security numbers also increases the risk of identity theft and fraud. In 2006, the Federal Trade Commission reported that more than 8 million Americans were victims of identity theft in the prior year.

Identity thieves can obtain an individual's personal information by stealing mail or a wallet or rummaging through your trash. That personal information can be used to obtain a credit card in your name, write bad checks from a bank account created in your name, or authorize the electronic transfer of funds from your bank account to a different account.

A Social Security number is a key piece of information used in identity thefts. Recognizing this threat, many public and private entities have taken steps to limit the use and display of Social Security numbers.

Last year, the Office of Management and Budget called on Federal agencies to safeguard personally identifiable information. It required agencies to establish plans to eliminate unnecessary collection and use of Social Security numbers and to explore alternatives to Social Security numbers.

A number of Federal agencies are reducing the use of Social Security numbers. The Department of Veterans Affairs no longer displays Social Security numbers on new veteran identification cards. The Department of Defense is issuing health cards that no longer display Social Security numbers. And the Office of Personnel Management has directed health insurers participating in the Federal Employees Health Benefit Program to eliminate Social Security numbers from insurance cards.

Unfortunately, the Centers for Medicare and Medicaid Services continues to display Social Security numbers on Medicare identification cards. Consumers Union and others have noted this practice needlessly places Medicare beneficiaries at risk for identity theft.

The Social Security Administration urges people not to carry their Social Security cards with them in order to protect against theft. But Medicare beneficiaries are instructed to carry their Medicare identification cards with them--cards with the very same Social Security number on them. Why would CMS increase senior citizens' vulnerability to identity theft?

I first raised this concern in 2005 and successfully offered an amendment to the Senate version of the fiscal year 2006 Labor-HHS-Education appropriations bill to require CMS to provide a report to Congress outlining a plan to move away from using Social Security numbers on Medicare identification cards.

CMS prepared a report and provided estimates of the cost and time it would take to switch to an identification system other than Social Security numbers. But it has failed to implement that plan.

Last month, the inspector general of the Social Security Administration issued a report that examined how CMS is responding to an IG recommendation in 2006 to remove Social Security numbers from Medicare cards. The inspector general found that CMS has not done anything beyond preparing the report to Congress.

The inspector general made his position clear. The report states:

Given the millions of individuals at risk for identity theft and OMB's directive to eliminate unnecessary uses of [Social Security numbers], we believe immediate action is needed to address this significant vulnerability.

The report also declares:

We do not believe a Federal agency should place more value on convenience than the security of its beneficiaries' personal information.

It is very disappointing that CMS is not taking recommended steps to protect Medicare beneficiaries from identity theft.

Private health insurers have moved away from using Social Security numbers. Other Federal agencies have too. It is time for CMS to do the same.

Source