Identity theft is a lasting and devastating crime. Victims spend years having to prove who they are while monitoring credit reports, fending off collection agencies or the IRS for charges they never made or wages they never earned. Some are picked up by law enforcement for crimes committed by the ID thief using their name.
Americans have every reason to be concerned.
According to the Congressional Research Service, in 2009 ID theft claimed over 11 million victims and cost consumers about $50 billion annually.
The Privacy Rights Clearinghouse reports the total number of known records that have been compromised due to security breaches beginning in January 2005 through last week topped 500 million.
Just yesterday, in my own State of Texas, the Comptroller’s office announced the largest security breach in State history. Some 3.5 million personal files were mistakenly left on a computer file available to the public, putting current and retired State employees at risk.
Even though Social Security numbers were created to track earnings for determining eligibility and benefit amounts under Social Security, these numbers are widely used as personal identifiers.
Some of the uses of these numbers in preventing fraud are vital to many commercial and government operations. Examples include enforcing child support, aiding law enforcement, and compiling information from many sources to help ensure the accuracy of credit reports.
But unfortunately, as pointed out by GAO in testimony before this Subcommittee, Social Security numbers have become the ‘identifier of choice’ and are used for every day business transactions. In fact, in their April 2007 report, the President’s Identity Theft Task Force identified the Social Security number as the “most valuable commodity for an identity thief.”
Even worse, identity theft continues to threaten our national security. As said in the 9/11 Commission Report, “Fraud in identification documents is no longer just a problem of theft. At many entry points to vulnerable facilities, including gates for boarding aircraft, sources of identification are the last opportunity to ensure that people are who they say they are and to check whether they are terrorists.”
Congress must get to work on identity theft, and limiting access to Social Security numbers is an excellent place to start.
For years, the Ways and Means Subcommittee on Social Security has been working on this problem in a bipartisan way.
We have approved bills to protect the privacy of Social Security numbers and prevent identity theft since the 106th Congress when it first approved the Social Security Number Privacy and Identity Theft Prevention Act.
That legislation was introduced on a bipartisan basis by then-Subcommittee Chairman Clay Shaw and then-ranking member, the late Bob Matsui.
Despite numerous attempts, Congress has not been able to close the deal. Sadly, Social Security number use is so widespread across so many industries that the Committees of jurisdiction have yet to reach agreement on the right approach to limiting their use.
Still, I believe this Committee can make progress. To that end, today I am reintroducing with Mr. Doggett the Medicare Identity Theft Prevention Act, a bill to remove the Social Security number from the Medicare card.
It makes no sense that people are told not to carry their Social Security card in order to protect their identity, but then every senior citizen is told they must carry their Medicare card, which displays their Social Security number.
The risk of ID theft goes far beyond the card being stolen. Every medical record at nursing homes, hospitals, and doctor offices has a Social Security number written on it.
The wholesale amount of Social Security numbers that are available to identity thieves is staggering and completely unnecessary.
The Centers for Medicare and Medicaid Services have refused to act. If they won’t do what’s right for America’s seniors, we will. I thank my colleague from Texas for his work on this important issue. I urge my colleagues to support this bill as well.
The problem of identity theft is not going to be addressed with one single piece of legislation, but protecting Medicare cards carried by 47 million Americans is an excellent place to start. I will say that if the military can remove SSNs, CMS should be no different.
I look forward to hearing from each of our witnesses, and thank them in advance for sharing with us their experiences and their recommendations.