NO MORE SSN: Deepening HIPAA Privacy with IDs
The use of Social Security Number as an individual’s main identifier is massive. From simple inquiry to complex transactions, almost every recognized institution uses SSN to verify one’s identity. However, because of its massive use and inevitable exposure, maintaining and protecting the secrecy of Social Security Numbers now becomes a huge concern. The more we use it, the more it gets exposed and the greater threat it poses to identity theft.
To address the continuing challenge of safeguarding SSN in many aspects, some institutions are on the move of changing the conventional way of verifying an individual’s identity. Instead of using SSN for verification purposes, some of these institutions offer a different set of unique numbers associated and assigned to their members. Though with good intensions of protecting a person’s SSN and lessening the threats of identity theft this action is raising tons of serious questions and claims.
Hospitals are among those practicing the use of other identifiers with their id used to authenticate members. Other healthcare providers are also on the same track of using a different system to verify the identity of their patients freeing the use of SSN. However, before an institution can pursue a different verification method, it must be clear that the new system will preserve an individual’s privacy.
The foundation of eliminating Social Security Numbers as Primary Identifiers imposed by these agencies is backed by existing laws and regulations concerning the protection of an individual’s privacy. Among the key factors of the move is the Privacy Act of 1974 which states that, denying an individual’s rights for refusing to dispose his or her SSN is an unlawful action. Further, the HIPAA Privacy Rule (the Health Insurance Portability and Accountability Act of 1996) and the HITECH Act define a Social Security number as protected health information.
Aside from the efforts exerted by the medical sector for HIPAA compliance, the government has issued guidelines towards to use of SSN. The “DoD Social Security Number (SSN) Reduction Plan” issued on March 28, 2008 elaborates the proper use of SSN. According to the memorandum, actions not included in the memorandum that uses SSN for verification will be considered unnecessary. These actions may use other forms of verification methods to identify and individual and grant his rights.