# Privacy Act of 1974; System of Records
**AGENCY:**
Social Security Administration (SSA).
**ACTION:**
Notice of a modified system of records.
**SUMMARY:**
In accordance with the Privacy Act of 1974, we are issuing public notice of our intent to modify an existing system of records entitled, Disability Determination Services (DDS) Consultant File (60-0046), last published on January 11, 2006. This notice publishes details of the modified system as set forth below under the caption, *SUPPLEMENTARY INFORMATION* .
**DATES:**
The system of records notice (SORN) is applicable upon its publication in today's *Federal Register* , with the exception of the new routine uses, which are effective February 9, 2026.
We invite public comment on the routine uses or other aspects of this SORN. In accordance with the Privacy Act of 1974, we are providing the public a 30-day period in which to submit comments. Therefore, please submit any comments by February 9, 2026.
**ADDRESSES:**
The public, Office of Management and Budget (OMB), and Congress may comment on this publication by writing to the Head of Privacy and Disclosure Policy, Law and Policy, SSA, Room G-401 West High Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, or through the Federal e-Rulemaking Portal at *https://www.regulations.gov.* Please reference docket number SSA-2025-0156. All comments we receive will be available for public inspection at the above address and we will post them to *https://www.regulations.gov.*
**FOR FURTHER INFORMATION CONTACT:**
Tristin Dorsey, Government Information Specialist, Privacy Implementation Division, Privacy and Disclosure Policy, Law and Policy, SSA, Room G-401 West High Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, telephone: (410) 966-5855, email: *[email protected]* , and Melissa Bellitto, Government Information Specialist, Privacy Implementation Division, Privacy and Disclosure Policy, Law and Policy, SSA, Room G-401 West High Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, telephone: (410) 966-5855, email: *[email protected].*
**SUPPLEMENTARY INFORMATION:**
We are modifying the system of records name from “DDS Consultant File, SSA, Office of Disability Determinations” to “DDS Consultative Examination (CE) Provider File” to accurately reflect the name of the system. We are modifying the system location and system manager to clarify the names of the offices responsible for maintaining the system and to recognize that we may also maintain records in a cloud-based environment. We are clarifying the purpose of the system, categories of individuals covered by the system, categories of records maintained in the system, and record source categories for easier reading.
In addition, we are revising existing routine use Nos. 1, 2, 4, and 7 for easier reading. We are adding six new routine uses that will permit disclosures to the following:
• The Office of the President, for the purpose of responding to an inquiry received;
• The Department of Justice, for investigating and prosecuting violations of the Social Security Act, and investigating issues of fraud or violations of civil rights;
• Federal, State and local law enforcement agencies and private contractors, for the safety and security of SSA employees, customers, and facilities;
• Federal, State, and local professional licensing boards, when such records indicate a violation of ethical conduct by a current or former employee who is seeking to be licensed or is licensed before the professional board;
• A Federal or State agency in response to its request, or at our initiation, in connection with decisions to hire an employee, issue a security clearance, conduct a security or suitability investigation of a person, classify a job, award a contract, or regarding the requesting agency's decision to issue a license, grant, or other benefit; and
• To the U.S. Department of the Treasury, when disclosure of the information is relevant to review SSA's payment and award eligibility through Do Not Pay Working System for the purposes of identifying, preventing or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered federally funded program. This routine use will be applied when disclosure meets the requirements in 20 CFR 401.150(c).
Lastly, we are expanding the policies and practices for the retrieval of records to include employer identification numbers and the CE provider's Social Security number. We are clarifying the policies and practices for retention and disposal of records to reflect the accurate records schedules. We are modifying the administrative, technical, and physical safeguards for easier reading. We are modifying the notice throughout to correct miscellaneous stylistic formatting and typographical errors of the previously published notice, and to ensure the language reads consistently across multiple systems. We are republishing the entire notice for ease of reference.
In accordance with 5 U.S.C. 552a(r), we provided a report to OMB and Congress on this modified system of records.
Matthew Ramsey,
Head of Privacy and Disclosure Policy, Law and Policy.
**SYSTEM NAME AND NUMBER:**
Disability Determination Services (DDS) Consultative Examination (CE) Provider File, 60-0046.
**SECURITY CLASSIFICATION:**
Unclassified.
**SYSTEM LOCATION:**
Information is located at the Offices of State DDSs (See Appendix B at *https://www.ssa.gov/privacy/sorn/app_b.htm* for more information) who have established a relationship with the individual providing CEs.
Information may also be maintained in a centralized location at: Social Security Administration, Chief Information Officer, National Computer Center, 6401 Security Boulevard, Baltimore, MD 21235-6401.
Information is also located in additional locations in connection with cloud-based services and kept at an additional location as backup for business continuity purposes.
**SYSTEM MANAGER(S):**
Social Security Administration, Disability Adjudication, National Disability Determination Services, State Disability Services, 6401 Security Boulevard, Baltimore, MD 21235, (410) 965-5855.
**AUTHORITY FOR MAINTENANCE OF THE SYSTEM:**
Sections 205(a), 221, 702(a), 1631(d)(1), and 1633 of the Social Security Act, as amended.
**PURPOSE(S) OF THE SYSTEM:**
We will use the information in this system in the selection of a qualified consultative examiner or other qualified medical source, when we need additional medical evidence to help us make disability determinations under titles II and XVI of the Social Security Act.
**CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:**
This system maintains information about individuals who provide CEs for the DDS. This may include a claimant's own medical sources or other qualified individuals who express a willingness to conduct a CE for the DDS, *e.g.,* licensed doctors, psychologists, social workers, nurses, audiologists, and speech/language pathologists.
**CATEGORIES OF RECORDS IN THE SYSTEM:**
This system maintains information related to individuals who perform CEs. These records include, but are not limited to, name; tax identification number, *e.g.,* Social Security number (SSN) or employee identification number (EIN); address; medical license number and credential information, including license number and expiration date; images of CE provider photo identification cards; documentation as to the timeliness and quality of CE reports, fees received for performing CEs, and results of site visits and other agency oversight activities; federal program exclusion information; and comments on the medical source's preferences, *e.g.,* schedule and appointment hours. This system may also maintain information the DDS may share with SSA concerning investigations of the CE.
**RECORD SOURCE CATEGORIES:**
We obtain information in this system from qualified medical sources and various local, State, and Federal agencies.
**ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:**
We will disclose records pursuant to the following routine uses; however, we will not disclose any information defined as “return or return information” under 26 U.S.C. 6103 of the Internal Revenue Code (IRC), unless authorized by statute, the Internal Revenue Service (IRS), or IRS regulations.
1. To a congressional office in response to an inquiry from that office made on behalf of, and at the request of, the subject of the record.
2. To the Department of Justice (DOJ), a court or other tribunal, or another party before such court or tribunal, when:
(a) SSA, or any component thereof; or
(b) any SSA employee in the employee's official capacity; or
(c) any SSA employee in the employee's individual capacity where DOJ (or SSA where it is authorized to do so) has agreed to represent the employee; or
(d) the United States or any agency thereof where SSA determines the litigation is likely to affect SSA or any of its components, SSA is a party to the litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, a court or other tribunal, or another party before the tribunal is relevant and necessary to the litigation, provided, however, that in each case, we determine that such disclosure is compatible with the purpose for which the records were collected.
3. To contractors and other Federal agencies, as necessary, for the purpose of assisting SSA in the efficient administration of its programs. We disclose information under this routine use only in situations in which we may enter into a contractual or similar agreement with a third party to assist in accomplishing an agency function relating to this system of records.
4. To the National Archives and Records Administration (NARA) under 44 U.S.C. 2904 and 2906.
5. To student volunteers, individuals working under a personal services contract, and other workers who technically do not have the status of Federal employees, when they are performing work for SSA, as authorized by law, and they need access to personally identifiable information (PII) in SSA records in order to perform their assigned agency functions.
6. To the Secretary of Health and Human Services or to any State, any record or information requested in writing by the Secretary for the purpose of administering any program administered by the Secretary, if we disclosed records or information of such type under applicable rules, regulations, and procedures in effect before the date of enactment of the Social Security Independence and Program Improvements Act of 1994.
7. To appropriate agencies, entities, and persons when:
(a) SSA suspects or has confirmed that there has been a breach of the system of records;
(b) SSA has determined that, as a result of the suspected or confirmed breach, there is a risk of harm to individuals, SSA (including its information systems, programs, and operations), the Federal Government, or national security; and
(c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with SSA's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
8. To another Federal agency or Federal entity, when SSA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
(a) responding to a suspected or confirmed breach; or
(b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
9. To the Office of the President in response to an inquiry from that office made on behalf of, and at the request of, the subject of the record or a third party acting on the subject's behalf.
10. To the DOJ, for the purposes of:
(a) investigating and prosecuting violations of the Act to which criminal penalties attach; and
(b) investigating issues of fraud or violations of civil rights by officers or SSA employees.
11. To Federal, State, and local law enforcement agencies and private security contractors, as appropriate, information necessary:
(a) to enable them to protect the safety of SSA employees and customers, the security of the SSA workplace, the operation of SSA facilities, or
(b) to assist investigations or prosecutions with respect to activities that affect such safety and security or activities that disrupt the operations of SSA facilities.
12. To Federal, State, and local professional licensing boards, at our initiative or at the request of the licensing board, when such records indicate a violation of ethical conduct by a current or former employee who is seeking to be licensed or is licensed before the professional board.
13. To a Federal or State agency in response to its request, or at our initiation, in connection with decisions to hire an employee, issue a security clearance, conduct a security or suitability investigation of a person, classify a job, award a contract, or regarding the requesting agency's decision to issue a license, grant, or other benefit. We may disclose for lawful statutory administrative or investigative purpose to the extent that the information is relevant and necessary to the requesting agency's decision.
14. To the U.S. Department of the Treasury, when disclosure of the information is relevant to review SSA's payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program. This routine use will be applied when disclosure meets the requirements in 20 CFR 401.150(c).
**POLICIES AND PRACTICES FOR STORAGE OF RECORDS:**
We will maintain records in this system in electronic and paper form.
**POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:**
We will retrieve records by EIN, or the CE provider's name or SSN.
**POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:**
In accordance with NARA rules codified at 36 CFR 1225.16, we maintain records in accordance with NARA-approved agency-specific records schedule, N1-047-05-001, and NARA's General Records Schedule (GRS) 5.2, items 010 and 020.
**ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:**
We retain electronic and paper files containing personal identifiers in secure storage areas accessible only by authorized individuals, including our employees and contractors, who have a need for the information when performing their official duties. Security measures include, but are not limited to, the use of codes and profiles, personal identification number and password, and personal identification verification cards. We restrict access to specific correspondence within the system based on assigned roles and authorized users. We use audit mechanisms to record sensitive transactions as an additional measure to protect information from unauthorized disclosure or modification.
We annually provide authorized individuals, including our employees and contractors, with appropriate security awareness training that includes reminders about the need to protect PII and the criminal penalties that apply to unauthorized access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore, authorized individuals with access to databases maintaining PII must annually sign a sanction document that acknowledges their accountability for inappropriately accessing or disclosing such information.
**RECORD ACCESS PROCEDURES:**
Individuals may submit requests for information about whether this system contains a record about them by submitting a written request to the system manager at the above address, which includes their name, SSN, or other information that may be in this system of records that will identify them. Individuals requesting notification of, or access to, a record by mail must include: (1) a notarized statement to us to verify their identity; or (2) must certify in the request that they are the individual they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.
Individuals requesting notification of, or access to, records in person must provide their name, SSN, or other information that may be in this system of records that will identify them, as well as provide an identity document, preferably with a photograph, such as a driver's license. Individuals lacking identification documents sufficient to establish their identity must certify in writing that they are the individual they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense.
These procedures are in accordance with our regulations at 20 CFR 401.40 and 401.45.
**CONTESTING RECORD PROCEDURES:**
Same as record access procedures. Individuals should also reasonably identify the record, specify the information they are contesting, and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is incomplete, untimely, inaccurate, or irrelevant. These procedures are in accordance with our regulations at 20 CFR 401.65(a).
**NOTIFICATION PROCEDURES:**
Same as record access procedures. These procedures are in accordance with our regulations at 20 CFR 401.40 and 401.45.
**EXEMPTIONS PROMULGATED FOR THE SYSTEM:**
None.
**HISTORY:**
71 FR 1811 (January 11, 2006), DDS Consultant File.
72 FR 69723 (December 10, 2007), DDS Consultant File.
83 FR 54969 (November 1, 2018), DDS Consultant File.