(a) General. Except as permitted by the Privacy Act and the regulations in this part, or when required by the FOIA, we will not disclose your records without your written consent.

(b) Disclosure with written consent. The written consent must clearly specify to whom the information may be disclosed, the information you want us to disclose (e.g., social security number, date and place of birth, monthly Social Security benefit amount, date of entitlement), and, where applicable, during which timeframe the information may be disclosed (e.g., during the school year, while the subject individual is out of the country, whenever the subject individual is receiving specific services).

(c) Disclosure of the entire record. We will not disclose your entire record. For example, we will not honor a blanket consent for all information in a system of records or any other record consisting of a variety of data elements. We will disclose only the information you specify in the consent. We will verify your identity and where applicable (e.g., where you consent to disclosure of a record to a specific individual), the identity of the individual to whom the record is to be disclosed.

(d) A parent or guardian of a minor is not authorized to give written consent to a disclosure of a minor's medical record. See § 401.55(c)(2) for the procedures for disclosure of or access to medical records of minors.

(a) SSA maintains two categories of records which contain personal information:

(1) Nonprogram records, primarily administrative and personnel records which contain information about SSA's activities as a government agency and employer, and

(2) Program records which contain information about SSA's clients that it keeps to administer benefit programs under Federal law.

(b) We apply different levels of confidentiality to disclosures of information in the categories in paragraphs (a) (1) and (2) of this section. For administrative and personnel records, the Privacy Act applies. To the extent that SSA has physical custody of personnel records maintained as part of the Office of Personnel Management's (OPM) Privacy Act government-wide systems of records, these records are subject to OPM's rules on access and disclosure at 5 CFR parts 293 and 297. For program records, we apply somewhat more strict confidentiality standards than those found in the Privacy Act. The reason for this difference in treatment is that our program records include information about a much greater number of persons than our administrative records, the information we must collect for program purposes is often very sensitive, and claimants are required by statute and regulation to provide us with the information in order to establish entitlement for benefits.

The disclosures listed in this section may be made from our nonprogram records, e.g., administrative and personnel records, without your consent. Such disclosures are those:

(a) To officers and employees of SSA who have a need for the record in the performance of their duties. The SSA official who is responsible for the record may upon request of any officer or employee, or on his own initiative, determine what constitutes legitimate need.

(b) Required to be disclosed under the Freedom of Information Act, 5 U.S.C. 552, and 20 CFR part 402.

(c) For a routine use as defined in § 401.25 of this part. Routine uses will be listed in any notice of a system of records. SSA publishes notices of systems of records, including all pertinent routine uses, in the Federal Register.

(d) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of Title 13 U.S.C.

(e) To a recipient who has provided us with advance written assurance that the record will be used solely as a statistical research or reporting record; Provided, that, the record is transferred in a form that does not identify the subject individual.

(f) To the National Archives of the United States as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Administrator of General Services or his designee to determine whether the record has such value.

(g) To another government agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of such government agency or instrumentality has submitted a written request to us, specifying the record desired and the law enforcement activity for which the record is sought.

(h) To an individual pursuant to a showing of compelling circumstances affecting the health or safety of any individual if a notice of the disclosure is transmitted to the last known address of the subject individual.

(i) To either House of Congress, or to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee.

(j) To the Comptroller General, or any of his authorized representatives, in the course of the performance of duties of the Government Accountability Office.

(k) Pursuant to the order of a court of competent jurisdiction.

This section describes how various laws control the disclosure of personal information that we keep. We disclose information in the program records only when a legitimate need exists. For example, we disclose information to officers and employees of SSA who have a need for the record in the performance of their duties. We also must consider the laws identified below in the respective order when we disclose program information:

(a) Some laws require us to disclose information (§ 401.120); some laws require us to withhold information (§ 401.125). These laws control whenever they apply.

(b) If no law of this type applies in a given case, then we must look to FOIA principles. See § 401.130.

(c) When FOIA principles do not require disclosure, we may disclose information if both the Privacy Act and section 1106 of the Social Security Act permit the disclosure.

We disclose information when a law specifically requires it. The Social Security Act requires us to disclose information for certain program purposes. These include disclosures to the SSA Office of Inspector General, the Federal Parent Locator Service, and to States pursuant to an arrangement regarding use of the Blood Donor Locator Service. Also, there are other laws which require that we furnish other agencies information which they need for their programs. These agencies include the Department of Veterans Affairs for its benefit programs, U.S. Citizenship and Immigration Services to carry out its duties regarding aliens, the Railroad Retirement Board for its benefit programs, and to Federal, State and local agencies administering Temporary Assistance for Needy Families, Medicaid, unemployment compensation, food stamps, and other programs.

We do not disclose information when a law specifically prohibits it. The Internal Revenue Code generally prohibits us from disclosing tax return information which we receive to maintain individual earnings records. This includes, for example, amounts of wages and contributions from employers. Other laws restrict our disclosure of certain information about drug and alcohol abuse which we collect to determine eligibility for social security benefits.

The FOIA requires us to disclose any information in our records upon request from the public, unless one of several exemptions in the FOIA applies. When the FOIA requires disclosure (see part 402 of this chapter), the Privacy Act permits it. The public does not include Federal agencies, courts, or the Congress, but does include State agencies, individuals, corporations, and most other parties. The FOIA does not apply to requests that are not from the public (e.g., from a Federal agency). However, we apply FOIA principles to requests from these other sources for disclosure of program information.

When the FOIA does not apply, we may not disclose any personal information unless both the Privacy Act and section 1106 of the Social Security Act permit the disclosure. Section 1106 of the Social Security Act requires that disclosures which may be made must be set out in statute or regulations; therefore, any disclosure permitted by this part is permitted by section 1106.

When no law specifically requiring or prohibiting disclosure applies to a question of whether to disclose information, we follow FOIA principles to resolve that question. We do this to insure uniform treatment in all situations. The FOIA principle which most often applies to SSA disclosure questions is whether the disclosure would result in a “clearly unwarranted invasion of personal privacy.” To decide whether a disclosure would be a clearly unwarranted invasion of personal privacy we consider—

(a) The sensitivity of the information (e.g., whether individuals would suffer harm or embarrassment as a result of the disclosure);

(b) The public interest in the disclosure;

(c) The rights and expectations of individuals to have their personal information kept confidential;

(d) The public's interest in maintaining general standards of confidentiality of personal information; and

(e) The existence of safeguards against unauthorized redisclosure or use.

(a) The FOIA does not authorize us to impose any restrictions on how information is used after we disclose it under that law. In applying FOIA principles, we consider whether the information will be adequately safeguarded against improper use or redisclosure. We must consider all the ways in which the recipient might use the information and how likely the recipient is to redisclose the information to other parties. Thus, before we disclose personal information we may consider such factors as—

(1) Whether only those individuals who have a need to know the information will obtain it;

(2) Whether appropriate measures to safeguard the information to avoid unwarranted use or misuse will be taken; and

(3) Whether we would be permitted to conduct on-site inspections to see whether the safeguards are being met.

(b) We feel that there is a strong public interest in sharing information with other agencies with programs having the same or similar purposes, so we generally share information with those agencies. However, since there is usually little or no public interest in disclosing information for disputes between two private parties or for other private or commercial purposes, we generally do not share information for these purposes.

(a) General. The Privacy Act allows us to disclose information maintained in a system of records without your consent to any other party if such disclosure is pursuant to a routine use published in the system's notice of system of records. A “Routine use” must be compatible with the purpose for which SSA collected the information.

(b) Notice of routine use disclosures. A list of permissible routine use disclosures is included in every system of records notice published in the Federal Register.

(c) Determining compatibility—(1) Disclosure to carry out SSA programs. We disclose information for published routine uses necessary to carry out SSA's programs.

(2) Disclosure to carry out programs similar to SSA programs. We may disclose information for the administration of other government programs. These disclosures are pursuant to published routine uses where the use is compatible with the purpose for which the information was collected. These programs generally meet the following conditions:

(i) The program is clearly identifiable as a Federal, State, or local government program.

(ii) The information requested concerns eligibility, benefit amounts, or other matters of benefit status in a Social Security program and is relevant to determining the same matters in the other program. For example, we disclose information to the Railroad Retirement Board for pension and unemployment compensation programs, to the Department of Veterans Affairs for its benefit programs, to worker's compensation programs, to State general assistance programs and to other income maintenance programs at all levels of government. We also disclose for health maintenance programs like Medicaid and Medicare.

(iii) The information will be used for appropriate epidemiological or similar research purposes.

(a) General. The Privacy Act allows us to disclose information for law enforcement purposes under certain conditions. Much of the information in our files is especially sensitive or very personal. Furthermore, participation in social security programs is mandatory, so people cannot limit what information is given to us. Therefore, we generally disclose information for law enforcement purposes only in limited situations. The Privacy Act allows us to disclose information if the head of the law enforcement agency makes a written request giving enough information to show that the conditions in paragraphs (b) or (c) of this section are met, what information is needed, and why it is needed. Paragraphs (b) and (c) of this section discuss the disclosures we generally make for these purposes.

(b) Serious crimes. SSA may disclose information for criminal law enforcement purposes where a violent crime such as murder or kidnapping has been committed and the individual about whom the information is being sought has been indicted or convicted of that crime.

(c) Criminal activity involving the social security program or another program with the same purposes. We disclose information when necessary to investigate or prosecute fraud or other criminal activity involving the social security program. We may also disclose information for investigation or prosecution of criminal activity in other income-maintenance or health-maintenance programs (e.g., other governmental pension programs, unemployment compensation, general assistance, Medicare or Medicaid) if the information concerns eligibility, benefit amounts, or other matters of benefit status in a social security program and is relevant to determining the same matters in the other program.

The Privacy Act allows us to disclose information in compelling circumstances where an individual's health or safety is affected. For example, if we learn that someone has been exposed to an excessive amount of radiation, we may notify that person and appropriate health officials. If we learn that someone has made a threat against someone else, we may notify that other person and law enforcement officials. When we make these disclosures, the Privacy Act requires us to send a notice of the disclosure to the last known address of the person whose record was disclosed.

(a) General. Statistical and research activities often do not require information in a format that identifies specific individuals. Therefore, whenever possible, we release information for statistical or research purposes only in the form of aggregates or individual data that cannot be associated with a particular individual. The Privacy Act allows us to release records if there are safeguards that the record will be used solely as a statistical or research record and the individual cannot be identified from any information in the record.

(b) Safeguards for disclosure with identifiers. The Privacy Act also allows us to disclose data for statistical and research purposes in a form allowing individual identification, pursuant to published routine use, when the purpose is compatible with the purpose for which the record was collected. We will disclose personally identifiable information for statistical and research purposes if—

(1) We determine that the requestor needs the information in an identifiable form for a statistical or research activity, will use the information only for that purpose, and will protect individuals from unreasonable and unwanted contacts;

(2) The activity is designed to increase knowledge about present or alternative Social Security programs or other Federal or State income-maintenance or health-maintenance programs; or is used for research that is of importance to the Social Security program or the Social Security beneficiaries; or an epidemiological research project that relates to the Social Security program or beneficiaries; and

(3) The recipient will keep the information as a system of statistical records, will follow appropriate safeguards, and agrees to our on-site inspection of those safeguards so we can be sure the information is used or redisclosed only for statistical or research purposes. No redisclosure of the information may be made without SSA's approval.

(c) Statistical record. A statistical record is a record in a system of records which is maintained only for statistical and research purposes, and which is not used to make any determination about an individual. We maintain and use statistical records only for statistical and research purposes. We may disclose a statistical record if the conditions in paragraph (b) of this section are met.

(d) Compiling of records. Where a request for information for statistical and research purposes would require us to compile records, and doing that would be administratively burdensome to ongoing SSA operations, we may decline to furnish the information.

(a) We disclose information to either House of Congress. We also disclose information to any committee or subcommittee of either House, or to any joint committee of Congress or subcommittee of that committee, if the information is on a matter within the committee's or subcommittee's jurisdiction.

(b) We disclose to any member of Congress the information needed to respond to constituents' requests for information about themselves (including requests from parents of minors, or legal guardians). However, these disclosures are subject to the restrictions in §§ 401.35 through 401.60.

We disclose information to the Government Accountability Office when that agency needs the information to carry out its duties.

(a) General. The Privacy Act permits us to disclose information when we are ordered to do so by a court of competent jurisdiction. When information is used in a court proceeding, it usually becomes part of the public record of the proceeding and its confidentiality often cannot be protected in that record. Much of the information that we collect and maintain in our records on individuals is especially sensitive. Therefore, we follow the rules in paragraph (d) of this section in deciding whether we may disclose information in response to an order from a court of competent jurisdiction. When we disclose pursuant to an order from a court of competent jurisdiction, and the order is a matter of public record, the Privacy Act requires us to send a notice of the disclosure to the last known address of the person whose record was disclosed.

(b) Court. For purposes of this section, a court is an institution of the judicial branch of the U.S. Federal government consisting of one or more judges who seek to adjudicate disputes and administer justice. (See 404.2(c)(6) of this chapter). Entities not in the judicial branch of the Federal government are not courts for purposes of this section.

(c) Court order. For purposes of this section, a court order is any legal process which satisfies all of the following conditions:

(1) It is issued under the authority of a Federal court;

(2) A judge or a magistrate judge of that court signs it;

(3) It commands SSA to disclose information; and

(4) The court is a court of competent jurisdiction.

(d) Court of competent jurisdiction. It is the view of SSA that under the Privacy Act the Federal Government has not waived sovereign immunity, which precludes state court jurisdiction over a Federal agency or official. Therefore, SSA will not honor state court orders as a basis for disclosure. State court orders will be treated in accordance with the other provisions of this part.

(e) Conditions for disclosure under a court order of competent jurisdiction. We disclose information in compliance with an order of a court of competent jurisdiction if—

(1) another section of this part specifically allows such disclosure, or

(2) SSA, the Commissioner of Social Security, or any officer or employee of SSA in his or her official capacity is properly a party in the proceeding, or

(3) disclosure of the information is necessary to ensure that an individual who is accused of criminal activity receives due process of law in a criminal proceeding under the jurisdiction of the judicial branch of the Federal government.

(f) In other circumstances. We may disclose information to a court of competent jurisdiction in circumstances other than those stated in paragraph (e) of this section. We will make our decision regarding disclosure by balancing the needs of a court while preserving the confidentiality of information. For example, we may disclose information under a court order that restricts the use and redisclosure of the information by the participants in the proceeding; we may offer the information for inspection by the court in camera and under seal; or we may arrange for the court to exclude information identifying individuals from that portion of the record of the proceedings that is available to the public. We will make these determinations in accordance with § 401.140.

(g) Other regulations on request for testimony, subpoenas and production of records in legal proceedings. See 20 CFR part 403 of this chapter for additional rules covering disclosure of information and records governed by this part and requested in connection with legal proceedings.

In addition to disclosures we make under the routine use provision, we also release information to—

(a) The Bureau of the Census for purposes of planning or carrying out a census, survey, or related activity; and

(b) The National Archives of the United States if the record has sufficient historical or other value to warrant its continued preservation by the United States Government. We also disclose a record to the Administrator of General Services for a determination of whether the record has such a value.

We do not consider the disclosure of information about a deceased person to be a clearly unwarranted invasion of that person's privacy. However, in disclosing information about a deceased person, we follow the principles in § 401.115 to insure that the privacy rights of a living person are not violated.

If no other provision in this part specifically allows SSA to disclose information, the Commissioner or designee may disclose this information if not prohibited by Federal law. For example, the Commissioner or designee may disclose information necessary to respond to life threatening situations.

(a) General. We will enter into arrangements with State agencies under which we will furnish to them at their request the last known personal mailing addresses (residence or post office box) of blood donors whose blood donations show that they are or may be infected with the human immunodeficiency virus which causes acquired immune deficiency syndrome. The State agency or other authorized person, as defined in paragraph (b) of this section, will then inform the donors that they may need medical care and treatment. The safeguards that must be used by authorized persons as a condition to receiving address information from the Blood Donor Locator Service are in paragraph (g) of this section, and the requirements for a request for address information are in paragraph (d) of this section.

(b) Definitions. State means the 50 States, the District of Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, the Commonwealth of Northern Marianas, and the Trust Territory of the Pacific Islands.

Authorized person means—

(1) Any agency of a State (or of a political subdivision of a State) which has duties or authority under State law relating to the public health or otherwise has the duty or authority under State law to regulate blood donations; and

(2) Any entity engaged in the acceptance of blood donations which is licensed or registered by the Food and Drug Administration in connection with the acceptance of such blood donations, and which provides for—

(i) The confidentiality of any address information received pursuant to the rules in this part and section 1141 of the Social Security Act and related blood donor records;

(ii) Blood donor notification procedures for individuals with respect to whom such information is requested and a finding has been made that they are or may be infected with the human immunodeficiency virus; and

(iii) Counseling services for such individuals who have been found to have such virus. New counseling programs are not required, and an entity may use existing counseling programs or referrals to provide these services.

Related blood donor records means any record, list, or compilation established in connection with a request for address information which indicates, directly or indirectly, the identity of any individual with respect to whom a request for address information has been made pursuant to the rules in this part.

(c) Use of social security number for identification. A State or an authorized person in the State may require a blood donor to furnish his or her social security number when donating blood. The number may then be used by an authorized person to identify and locate a donor whose blood donation indicates that he or she is or may be infected with the human immunodeficiency virus.

(d) Request for address of blood donor. An authorized person who has been unable to locate a blood donor at the address he or she may have given at the time of the blood donation may request assistance from the State agency which has arranged with us to participate in the Blood Donor Locator Service. The request to the Blood Donor Locator Service must—

(1) Be in writing;

(2) Be from a participating State agency either on its own behalf as an authorized person or on behalf of another authorized person;

(3) Indicate that the authorized person meets the confidentiality safeguards of paragraph (g) of this section; and

(4) Include the donor's name and social security number, the addresses at which the authorized person attempted without success to contact the donor, the date of the blood donation if available, a statement that the donor has tested positive for the human immunodeficiency virus according to the latest Food and Drug Administration standards or that the history of the subsequent use of the donated blood or blood products indicates that the donor has or may have the human immunodeficiency virus, and the name and address of the requesting blood donation facility.

(e) SSA response to request for address. After receiving a request that meets the requirements of paragraph (d) of this section, we will search our records for the donor's latest personal mailing address. If we do not find a current address, we will request that the Internal Revenue Service search its tax records and furnish us any personal mailing address information from its files, as required under section 6103(m)(6) of the Internal Revenue Code. After completing these searches, we will provide to the requesting State agency either the latest mailing address available for the donor or a response stating that we do not have this information. We will then destroy the records or delete all identifying donor information related to the request and maintain only the information that we will need to monitor the compliance of authorized persons with the confidentiality safeguards contained in paragraph (g) of this section.

(f) SSA refusal to furnish address. If we determine that an authorized person has not met the requirements of paragraphs (d) and (g) of this section, we will not furnish address information to the State agency. In that case, we will notify the State agency of our determination, explain the reasons for our determination, and explain that the State agency may request administrative review of our determination. The Commissioner of Social Security or a delegate of the Commissioner will conduct this review. The review will be based on the information of record and there will not be an opportunity for an oral hearing. A request for administrative review, which may be submitted only by a State agency, must be in writing. The State agency must send its request for administrative review to the Commissioner of Social Security, 6401 Security Boulevard, Baltimore, MD 21235, within 60 days after receiving our notice refusing to give the donor's address. The request for review must include supporting information or evidence that the requirements of the rules in this part have been met. If we do not furnish address information because an authorized person failed to comply with the confidentiality safeguards of paragraph (g) of this section, the State agency will have an opportunity to submit evidence that the authorized person is now in compliance. If we then determine, based on our review of the request for administrative review and the supporting evidence, that the authorized person meets the requirements of the rules in this part, we will respond to the address request as provided in paragraph (e) of this section. If we determine on administrative review that the requirements have not been met, we will notify the State agency in writing of our decision. We will make our determination within 30 days after receiving the request for administrative review, unless we notify the State agency within this 30-day time period that we will need additional time. Our determination on the request for administrative review will give the findings of fact, the reasons for the decision, and what actions the State agency should take to ensure that it or the blood donation facility is in compliance with the rules in this part.

(g) Safeguards to ensure confidentiality of blood donor records. We will require assurance that authorized persons have established and continue to maintain adequate safeguards to protect the confidentiality of both address information received from the Blood Donor Locator Service and related blood donor records. The authorized person must, to the satisfaction of the Secretary—

(1) Establish and maintain a system for standardizing records which includes the reasons for requesting the addresses of blood donors, dates of the requests, and any disclosures of address information;

(2) Store blood donors' addresses received from the Blood Donor Locator Service and all related blood donor records in a secure area or place that is physically safe from access by persons other than those whose duties and responsibilities require access;

(3) Restrict access to these records to authorized employees and officials who need them to perform their official duties related to notifying blood donors who are or may be infected with the human immunodeficiency virus that they may need medical care and treatment;

(4) Advise all personnel who will have access to the records of the confidential nature of the information, the safeguards required to protect the information, and the civil and criminal sanctions for unauthorized use or disclosure of the information;

(5) Destroy the address information received from the Blood Donor Locator Service, as well as any records established in connection with the request which indicate directly or indirectly the identity of the individual, after notifying or attempting to notify the donor at the address obtained from the Blood Donor Locator Service; and

(6) Upon request, report to us the procedures established and utilized to ensure the confidentiality of address information and related blood donor records. We reserve the right to make onsite inspections to ensure that these procedures are adequate and are being followed and to request such information as we may need to ensure that the safeguards required in this section are being met.

(h) Unauthorized disclosure. Any official or employee of the Federal Government, a State, or a blood donation facility who discloses blood donor information, except as provided for in this section or under a provision of law, will be subject to the same criminal penalty as provided in section 7213(a) of the Internal Revenue Code of 1986 for the unauthorized disclosure of tax information.