Common use of SSN VERIFICATION AND USE Clause in Contracts

SSN VERIFICATION AND USE. SSA will verify SSNs solely for the purpose(s) specified on the individual Consent Forms associated with the verification requests (Form SSA-89, Authorization for SSA to Release SSN Verification – Attachment A). The Requesting Party may use the verified SSN only for the purpose(s) specified by the individual signing Form SSA-89 (“the Client”). Exceeding the scope of the consent could violate state or Federal law and subject the Requesting Party to legal consequences. SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a business organization (“the Principal”) pursuant to the terms of the Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees that it shall use the verification only for the purpose stated in the Consent Form, and shall make no further use or re-disclosure of the verification. The information received from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000. SSA’s verification of an SSN does not provide proof or confirmation of identity. A standardized Consent Form, Form SSA-89 (Authorization for SSA to Release SSN Verification), is included as Attachment A to this User Agreement. SSA will provide SSN verification information only about individuals from whom the Requesting Party has obtained a signed Form SSA-89. The Requesting Party must obtain a signed Form SSA-89 from each person for whom SSN verification is sought. Date of birth must be completed on the Consent Form. No alterations may be made to the Form SSA-89. The Requesting Party shall not request an SSN verification from SSA prior to receiving physical possession of a signed Form SSA-89. The request for SSN verification must be received by SSA within 90 days from the date the Form SSA-89 is signed, unless the individual signing the Form SSA-89 (the Client) has established an alternate timeframe. If the Client has established an alternate timeframe, the request must be received by SSA within the alternate timeframe. The Requesting Party must retain the signed Forms SSA-89 for a period of seven years from the date of verification. The Requesting Party may retain the signed Form SSA-89 electronically or on paper. The Requesting Party shall protect the confidentiality of Forms SSA-89 and the information contained on them and protect the associated record of SSN verification. The Requesting Party is also required to protect the Forms SSA-89 from loss or destruction by taking the measures below. If the Requesting Party chooses to retain Forms SSA-89 in paper format, the Requesting Party must store the Forms SSA-89 in a locked, fireproof storage receptacle. Access to this receptacle shall be restricted to those individuals who were authorized on Form SSA-88 (Pre-Approval Form for CBSV – Attachment C). If the Requesting Party chooses to retain Forms SSA-89 electronically, the Requesting Party shall password protect any electronic files used for storage, restrict access to the files to authorized individuals, and ensure disaster recovery procedures are in place and have been followed. If data is stored on removable electronic media (such as CDs) the Requesting Party must encrypt the data. Any removable electronic media shall be stored in a locked, fireproof storage receptacle. When either of the electronic storage means above is used, the original paper consent forms will be destroyed. SSA may make onsite inspections of the requester’s site including a systems review to ensure that the above required precautions have been taken to protect the Forms SSA-89 and the information contained on the forms and to assess system security overall. Each request submitted to SSA shall contain a data field indicating that to the user's best information, knowledge, or belief, the request is supported by a valid signed and dated consent form in accordance with all requirements under this Agreement. In addition, each Authorized User shall, upon registration as an Authorized User, sign a certification form (i) indicating that the user shall submit requests to SSA only when the user has information, knowledge, or a reasonable belief that the requests are supported by the requisite consent forms, and (ii) acknowledging that any request submitted to SSA without a reasonable basis for believing it is supported by the requisite consent form is subject to appropriate penalties.

SSN VERIFICATION AND USE. SSA will verify SSNs solely for the purpose(s) purposes specified on the individual Consent Forms associated with the verification requests (Form SSA-89, Authorization for SSA to Release SSN Verification – Attachment A)B) associated with the verification requests. The Requesting Party may must use the verified SSN only for the purpose(s) specified by the individual signing Form SSA-89 (“the Client”). Exceeding the scope of the consent could violate as specified in the signed Consent Form violates state or Federal and federal law and subject subjects the Requesting Party to legal consequencescivil and criminal liability. SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a business organization (“the Principal”) Principal pursuant to the terms of the Client’s Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees that it shall in writing to use the verification only for the purpose stated in the Consent Form, and shall make no further use or re-disclosure redisclosure of the verificationverified SSN. This relationship shall be subjected to the contractual obligations as specified in this document. The information received obtained from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses shall will be guilty of a misdemeanor and fined not more than $5,000. SSA’s verification of an SSN does not provide proof or confirmation of identity. A standardized Consent Form, Form SSA-89 (Authorization for SSA CBSV is designed to Release provide you with only a “yes” or “no” verification of whether the SSN Verification), is included as Attachment A to this User Agreement. SSA will provide SSN verification information only about individuals from whom the Requesting Party has obtained a signed Form SSA-89. The Requesting Party must obtain a signed Form SSA-89 from each person for whom SSN verification is sought. Date of birth must be completed on the Consent Form. No alterations may be made to the Form SSA-89. The Requesting Party shall not request an SSN verification from SSA prior to receiving physical possession of a signed Form SSA-89. The request for SSN verification must be received by SSA within 90 days from the date the Form SSA-89 is signed, unless the individual signing the Form SSA-89 (the Client) has established an alternate timeframeverified with SSA’s records. If our records show that the Client has established SSN holder is deceased, CBSV returns a death indicator. CBSV verifications do not verify an alternate timeframeindividual's identity. CBSV does not verify employment eligibility, nor does it interface with the request must be received by SSA within the alternate timeframe. The Requesting Party must retain the signed Forms SSA-89 for a period Department of seven years from the date of verification. The Requesting Party may retain the signed Form SSA-89 electronically or on paper. The Requesting Party shall protect the confidentiality of Forms SSA-89 and the information contained on them and protect the associated record of SSN verification. The Requesting Party is also required to protect the Forms SSA-89 from loss or destruction by taking the measures below. If the Requesting Party chooses to retain Forms SSA-89 in paper format, the Requesting Party must store the Forms SSA-89 in a locked, fireproof storage receptacle. Access to this receptacle shall be restricted to those individuals who were authorized on Form SSA-88 Homeland Security’s (Pre-Approval Form for CBSV – Attachment C). If the Requesting Party chooses to retain Forms SSA-89 electronically, the Requesting Party shall password protect any electronic files used for storage, restrict access to the files to authorized individualsDHS) verification system, and ensure disaster recovery procedures are in place and have been followed. If data is stored on removable electronic media (such as CDs) the Requesting Party must encrypt the data. Any removable electronic media shall be stored in a locked, fireproof storage receptacle. When either of the electronic storage means above is used, the original paper consent forms it will be destroyed. SSA may make onsite inspections of the requesternot satisfy DHS’s site including a systems review to ensure that the above required precautions have been taken to protect the Forms SSA-89 and the information contained on the forms and to assess system security overall. Each request submitted to SSA shall contain a data field indicating that to the user's best information, knowledge, or belief, the request is supported by a valid signed and dated consent form in accordance with all requirements under this Agreement. In addition, each Authorized User shall, upon registration as an Authorized User, sign a certification form (i) indicating that the user shall submit requests to SSA only when the user has information, knowledge, or a reasonable belief that the requests are supported by the requisite consent forms, and (ii) acknowledging that any request submitted to SSA without a reasonable basis for believing it is supported by the requisite consent form is subject to appropriate penaltiesI-9 requirements.

SSN VERIFICATION AND USE. SSA will verify SSNs solely for the purpose(s) specified on the individual Consent Forms associated with the verification requests (Form SSA-89, Authorization for SSA to Release SSN Verification – Attachment A). The Requesting Party may use the verified SSN only for the purpose(s) specified by the individual signing Form SSA-89 (“the Client”). Exceeding the scope of the consent could violate state or Federal law and subject the Requesting Party to legal consequences. SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a business organization (“the Principal”) pursuant to the terms of the Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees that it shall use the verification only for the purpose stated in the Consent Form, and shall make no further use or re-re- disclosure of the verification. The information received from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000. SSA’s verification of an SSN does not provide proof or confirmation of identity. A standardized Consent Form“NOTE: CBSV is designed to provide you with only a “yes” or “no” verification of whether the SSN verified with SSA’s records. CBSV does not verify employment eligibility, Form SSA-89 nor does it interface with the Department of Homeland Security (Authorization for SSA to Release SSN Verification), is included as Attachment A to this User Agreement. SSA will provide SSN DHS) verification information only about individuals from whom the Requesting Party has obtained a signed Form SSA-89. The Requesting Party must obtain a signed Form SSA-89 from each person for whom SSN verification is sought. Date of birth must be completed on the Consent Form. No alterations may be made to the Form SSA-89. The Requesting Party shall not request an SSN verification from SSA prior to receiving physical possession of a signed Form SSA-89. The request for SSN verification must be received by SSA within 90 days from the date the Form SSA-89 is signed, unless the individual signing the Form SSA-89 (the Client) has established an alternate timeframe. If the Client has established an alternate timeframe, the request must be received by SSA within the alternate timeframe. The Requesting Party must retain the signed Forms SSA-89 for a period of seven years from the date of verification. The Requesting Party may retain the signed Form SSA-89 electronically or on paper. The Requesting Party shall protect the confidentiality of Forms SSA-89 and the information contained on them and protect the associated record of SSN verification. The Requesting Party is also required to protect the Forms SSA-89 from loss or destruction by taking the measures below. If the Requesting Party chooses to retain Forms SSA-89 in paper format, the Requesting Party must store the Forms SSA-89 in a locked, fireproof storage receptacle. Access to this receptacle shall be restricted to those individuals who were authorized on Form SSA-88 (Pre-Approval Form for CBSV – Attachment C). If the Requesting Party chooses to retain Forms SSA-89 electronically, the Requesting Party shall password protect any electronic files used for storage, restrict access to the files to authorized individualssystem, and ensure disaster recovery procedures are in place and have been followed. If data is stored on removable electronic media (such as CDs) the Requesting Party must encrypt the data. Any removable electronic media shall be stored in a locked, fireproof storage receptacle. When either of the electronic storage means above is used, the original paper consent forms it will be destroyed. SSA may make onsite inspections of the requesternot satisfy DHS’s site including a systems review to ensure that the above required precautions have been taken to protect the Forms SSA-89 and the information contained on the forms and to assess system security overall. Each request submitted to SSA shall contain a data field indicating that to the user's best information, knowledge, or belief, the request is supported by a valid signed and dated consent form in accordance with all requirements under this Agreement. In addition, each Authorized User shall, upon registration as an Authorized User, sign a certification form (i) indicating that the user shall submit requests to SSA only when the user has information, knowledge, or a reasonable belief that the requests are supported by the requisite consent forms, and (ii) acknowledging that any request submitted to SSA without a reasonable basis for believing it is supported by the requisite consent form is subject to appropriate penaltiesI-9 requirements.”

SSN VERIFICATION AND USE. 1) SSA will verify SSNs solely for the purpose(s) specified on the individual Consent Forms associated with the verification requests (Form SSA-89, Authorization for SSA to Release SSN Verification – Attachment A). The Requesting Party may use the verified SSN only for the purpose(s) specified by the individual signing Form SSA-89 (“the Client”). Exceeding the scope of the consent could violate state or Federal law and subject the Requesting Party to legal consequences. . 2) SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a business organization (“the Principal”) pursuant to the terms of the Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees that it shall use the verification only for the purpose stated in the Consent Form, and shall make no further use or use/re-disclosure of the verification. . 3) The information received from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3552a (i) (3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000. SSA’s verification of an SSN does not provide proof or confirmation of identity. 4) CBSV provides only a validation of whether the SSN verified with SSA’s records. SECTION E: CONSENT A standardized sample Consent Form, Form SSA-89 (Authorization for SSA to Release SSN Verification), is included as Attachment A to this User Agreement. SSA will provide SSN verification information only about individuals from whom the Requesting Party has obtained a signed Form SSA-89. The Requesting Party must obtain a signed Form SSA-89 from each person for whom SSN verification is sought. Date of birth must be completed on the Consent Form. No alterations may be made to the Form SSA-89, unless the individual is changing the date for how long the consent is valid. That change must be annotated and initialed in the space provided on the form. The Requesting Party shall not request an SSN verification from SSA prior to receiving physical possession of a signed Form SSA-89. The request for SSN verification must be received by SSA within 90 days from the date the Form SSA-89 is signed, unless the individual signing the Form SSA-89 (the Client) has established an alternate timeframe. If the Client has established an alternate timeframe, the request must be received by SSA within the alternate timeframe. The • Requesting Party (CID) must retain the signed Forms SSA-89 SSA-89s for a period of seven years from the date of verification. The • Requesting Party (CID) may retain the signed Form SSA-89 electronically or on paper. The • Requesting Party (CID)/Principal (Customer) shall protect the confidentiality of Forms SSA-89 and the information contained on them and protect the associated record of SSN verification. The • Requesting Party (CID)/Principal (Customer) is also required to protect the Forms SSA-89 SSA-89s from loss or destruction by taking the measures below. • If the Requesting Party Party/Principal chooses to retain Forms SSA-89 SSA-89s in paper format, the Requesting Party Party/Principal must store the Forms SSA-89 SSA-89s in a locked, fireproof storage receptacle. • Access to this receptacle shall be restricted to those individuals who were authorized on Form SSA-88 (Pre-Approval Form for CBSV – Attachment C)are Authorized Users. • If the Requesting Party Party/Principal chooses to retain Forms SSA-89 SSA-89s electronically, the Requesting Party Party/Principal shall password protect any electronic files used for storage, restrict access to the files to authorized individuals, and ensure disaster recovery procedures are in place and have been followed. If data is stored on removable electronic media (such as CDs) the Requesting Party Party/Principal must encrypt the data. Any removable electronic media shall be stored in a locked, fireproof storage receptacle. When either of the electronic storage means above is used, the original paper consent forms will be destroyed. SSA may make onsite inspections of the requester’s site including a systems review to ensure that the above required precautions have been taken to protect the Forms SSA-89 and the information contained on the forms and to assess system security overall. • Each request submitted to SSA shall contain a data field indicating that to the user's best information, knowledge, or belief, the request is supported by a valid signed and dated consent form in accordance with all requirements under this Agreement. In addition, each Authorized User shall, upon registration as an Authorized User, sign a certification form (i) indicating that the user shall submit requests to SSA only when the user has information, knowledge, or a reasonable belief that the requests are supported by the requisite consent forms, and (ii) acknowledging that any request submitted to SSA without a reasonable basis for believing it is supported by the requisite consent form is subject to appropriate penalties.

SSN VERIFICATION AND USE. SSA will verify SSNs solely for the purpose(s) specified on the individual Consent Forms associated with the verification requests (Form SSA-89, Authorization for SSA to Release SSN Verification – Attachment A). The Requesting Party may use the verified SSN only for the purpose(s) specified by the individual signing Form SSA-89 (“the Client”). Exceeding the scope of the consent could violate state or Federal law and subject the Requesting Party to legal consequences. SSA recognizes that the Requesting Party may seek verification of the Client’s SSN on behalf of a business organization (“the Principal”) pursuant to the terms of the Consent Form. In this case, the Requesting Party shall ensure that the Principal agrees that it shall use the verification only for the purpose stated in the Consent Form, and shall make no further use or re-disclosure of the verification. The information received from records maintained by SSA is protected by Federal statutes and regulations, including 5 U.S.C. § 552a(i)(3552a (i) (3) of the Privacy Act. Under this section, any person who knowingly and willfully requests or obtains any record concerning an individual from an agency under false pretenses shall be guilty of a misdemeanor and fined not more than $5,000. SSA’s verification of an SSN does not provide proof or confirmation of identity. A standardized Consent Form“NOTE: CBSV is designed to provide you with only a “yes” or “no” verification of whether the SSN verified with SSA’s records. CBSV does not verify employment eligibility, Form SSA-89 nor does it interface with the Department of Homeland Security (Authorization for SSA to Release SSN Verification)DHS) verification system, is included as Attachment A to this User Agreement. SSA and it will provide SSN verification information only about individuals from whom the Requesting Party has obtained a signed Form SSA-89. The Requesting Party must obtain a signed Form SSA-89 from each person for whom SSN verification is sought. not satisfy DHS’s I-9 Employment Verification requirements.” SECTION E: CONSENT Date of birth must be completed on the Consent Form. No alterations may be made to the Form SSA-89, unless the individual is changing the date for how long the consent is valid. That change must be annotated and initialed in the space provided on the form. The Requesting Party shall not request an SSN verification from SSA prior to receiving physical possession of a signed Form SSA-89. The request for SSN verification must be received by SSA within 90 days from the date the Form SSA-89 is signed, unless the individual signing the Form SSA-89 (the Client) has established an alternate timeframe. If the Client has established an alternate timeframe, the request must be received by SSA within the alternate timeframe. The • Requesting Party (CID) must retain the signed Forms SSA-89 SSA-89s for a period of seven years from the date of verification. The • Requesting Party (CID) may retain the signed Form SSA-89 electronically or on paper. The • Requesting Party (CID)/Principal (Customer) shall protect the confidentiality of Forms SSA-89 and the information contained on them and protect the associated record of SSN verification. The • Requesting Party (CID)/Principal (Customer) is also required to protect the Forms SSA-89 SSA-89s from loss or destruction by taking the measures below. • If the Requesting Party Party/Principal chooses to retain Forms SSA-89 SSA-89s in paper format, the Requesting Party Party/Principal must store the Forms SSA-89 SSA-89s in a locked, fireproof storage receptacle. • Access to this receptacle shall be restricted to those individuals who were authorized on Form SSA-88 (Pre-Approval Form for CBSV – Attachment C)are Authorized Users. • If the Requesting Party Party/Principal chooses to retain Forms SSA-89 SSA-89s electronically, the Requesting Party Party/Principal shall password protect any electronic files used for storage, restrict access to the files to authorized individuals, and ensure disaster recovery procedures are in place and have been followed. If data is stored on removable electronic media (such as CDs) the Requesting Party Party/Principal must encrypt the data. Any removable electronic media shall be stored in a locked, fireproof storage receptacle. When either of the electronic storage means above is used, the original paper consent forms will be destroyed. SSA may make onsite inspections of the requester’s site including a systems review to ensure that the above required precautions have been taken to protect the Forms SSA-89 and the information contained on the forms and to assess system security overall. • Each request submitted to SSA shall contain a data field indicating that to the user's best information, knowledge, or belief, the request is supported by a valid signed and dated consent form in accordance with all requirements under this Agreement. In addition, each Authorized User shall, upon registration as an Authorized User, sign a certification form (i) indicating that the user shall submit requests to SSA only when the user has information, knowledge, or a reasonable belief that the requests are supported by the requisite consent forms, and (ii) acknowledging that any request submitted to SSA without a reasonable basis for believing it is supported by the requisite consent form is subject to appropriate penalties.