You are on page 1of 1

Department of Labor

Office of Inspector General


Office of Audit DECEMBER 2002

FECA’S CONTROL
OVER SOCIAL
Highlights of Report Number: 03-03-002-04-001, a
report to the Assistant Secretary, Employment
SECURITY NUMBERS
Standards Administration (ESA). December 20,
2002.
CAN BE IMPROVED
WHY READ THE REPORT WHAT OIG FOUND

The Employment Standards Administration’s Overall, our audit found that adequate
(ESA’s) Office of Workers’ Compensation controls exist over the access and use of
programs (OWCP) administers the Federal SSNs by contractors and other entities.
However, we identified several areas where
Employees Compensation Act (FECA)
program. FECA provides certain workers who OWCP can improve these controls. We found:
have work-related injuries or occupational
disease with compensation, medical • When a person signs the standard FECA claim
treatment, vocational rehabilitation, and other form, there is no acknowledgement of the
benefits. Dependents of these workers may Privacy Act Disclosure Statement.
also be eligible for benefits.
• OWCP does limited onsite monitoring of
Like other Federal benefit programs, FECA contrac tors and other entities that have
uses Social Security numbers (SSNs) in access to claimant files containing SSNs.
reviewing and awarding claims. As concerns
over identity theft grow, Congress and • OWCP does not provide some physicians,
Federal agencies want adequate controls over including those that provide second opinions,
access to and use of SSNs by contractors and with adequate notification of Privacy Act
other entities. requirements.

WHY OIG CONDUCTED THE AUDIT WHAT OIG RECOMMENDED

OIG audited OWCP’s management controls We recommended that OWCP:


over SSNs as part of a government-wide
initiative led by the President’s Council on • Revise standard FECA claim forms so that
Integrity and Efficiency (PCIE), comprised of claimants acknowledge the Privacy Act.
Presidentially appointed Inspectors General.
Our audit assessed access to, and the • Implement a more cost-effective,
disclosure and use of, SSN information by onsite-monitoring program to ensure
third parties. We conducted the audit from compliance with the requirements for
February to August 2002. safeguarding the access and use of
FECA claimants' SSNs.
READ THE FULL REPORT • Provide second opinion and Independent
Medical Examiner (IME) physicians a cover
http://www.oig.dol.gov/public/reports/oa letter notifying them of Privacy Act
/2003/03-03-002-04-001.pdf requirements.

To view the report, including the scope, • Explore the extent and cause of losses of
methodology, and full agency response, click claimant files or documents by IME physicians
on the link above. and take any necessary corrective action.