We're generally taking the same steps that everyone else is to protect sensitive data. However a particpant is making waves that putting their SSN on a participant statement that is mailed to their home is a violation of HIPAA.
I have been unable to find any specific reference to to this point or the application to retirement plans.
Does anyone know if HIPAA prohibits putting an ssn on a statement?
Full Version: SSN on Participant Statement Prohibited by HIPAA?
I don't know about HIPPA, but FWIW, we have taken SSN's off everything that we send out.
Why would it? Doesn't the "H" stand for Health (plan)? More specifically, where is the protected health information?
I don't disagree that there may be other reasons for not putting an SSN on retirement plan statement.
I don't disagree that there may be other reasons for not putting an SSN on retirement plan statement.
Several states have privacy laws that include protection of SS#. I think California was first. We took SS# off statements a few years ago.
Why do you want to keep it on? Is it necessary?
Why do you want to keep it on? Is it necessary?
QUOTE (beppie_stark @ Aug 23 2007, 11:10 AM) 
Why do you want to keep it on? Is it necessary?
I agree. Don't fight this, just start using a "masked" SSN.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.