Social Security Number Policy
Purpose
This policy governs the collection, storage, use, and disclosure of Social Security Numbers (SSNs) at Pittsburg State University (PSU), consistent with federal and state laws and regulations and the increasing need to protect personal identity data. PSU is committed to maintaining the privacy and confidentiality of an individual's SSN. Therefore, the use of SSNs as an identification number within the University will be limited. The University ID (PSU ID) is the primary identification number for students, employees, and anyone who has a relationship with the University.
Objectives
The objectives of the policy are:
• Increase awareness of the confidential nature of SSNs and the risk of identity theft related to unauthorized disclosure.
• Reduce collection of SSNs except when authorized by law.
• Increase awareness on secure use, transmission, and storage of SSNs.
• Reduce use of SSNs in records and information systems, including computer monitor and printed reports.
• Reduce reliance upon SSNs for identification purposes.
• Ensure consistent management of SSNs throughout the University.
Scope
This policy applies to all individuals who access, use, or control information technology and/or non-electronic records containing SSN information. Individuals covered include PSU faculty, staff, students, and affiliated partners, including contractors, while conducting business with the University. All information technology systems that support the University, whether operated by PSU or by a third party, are covered by this policy.
Policy
The collection, storage, and use of SSNs will be discontinued, except where required for employment, IRS reporting, federal student financial aid processing, state and federal reporting requirements, and a limited number of other business transactions. The SSN will continue to be collected and retained as authorized by law, but it will not be used for routine identification or authentication purposes.
Any University department or office that collects and/or maintains SSNs in either paper or electronic media must:
• Ensure SSNs are stored in a secure and confidential environment.
• Eliminate using SSNs for any purpose except those specifically addressed in this policy.
• Properly control and restrict access to SSNs to prevent unauthorized disclosure.
• Properly erase or destroy storage devices or printed documents that contain SSNs to ensure information cannot be recovered or reconstructed.
Related Laws, Regulations and Policies
A variety of federal and state laws and regulations address the use of the SSN. These include the Privacy Act of 1974, the Family Education Rights and Privacy Act (FERPA), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), and Kansas Statues Annotated, 76-768.
Unauthorized Use of Social Security Numbers
An individual, who discovers or suspects the unauthorized release of SSNs or related confidential information, or a violation of this policy, should notify PSU's General Counsel.