Add to collection(s) Add to saved
  1. Science
  2. Biology
  3. Biochemistry
  4. Genetics

Removing the social security number (SSN) as the key identifier for students

advertisement 
Strategic Issue
Issue: Whether removing the social security number (SSN) as the key identifier for students is
within the scope of the Student System Project.
PRISM #: 009
Student System Project Contact (PRISM Issue Owner): Charles Grisham
Scope Type:
Issue Priority:
General |
Critical |
School/Unit Issue |
High |
Medium |
Coordinating Project
Low
Impact Statement:
 It is best practice to avoid the use of the SSN as the key identifier in any electronic system, and to assign to students an ID
number that is distinguished from their SSNs. Many systems deliver the capability of generating random ID numbers as well as
the capacity to create “smart” ID numbers (i.e., numbers keyed to major, school, the level of the student, etc. SSN is, however,
recorded in a student system when it is required for particular transactions.
 Use of SSN as the key identifier may challenge security (identity theft).
 The University of Virginia currently uses SSN as the student ID number. Because their use is therefore required in ISIS, SSNs
are disseminated throughout many “sending” and “receiving” databases and systems across the University. In addition, the
SSN is currently used by the University as the best and only unique identifier that validates identity among 15-20 systems
across the University.
 A group tasked by the Integrated System Executive Committee currently is studying where and how the SSN is used at the
University.
 A proposal is under development that, if approved, will offer students the opportunity to receive a new identifier that replaces
SSN as the ID to sign-on to ISIS Online.
 The new student system must retain the ability to store social security and Individual Taxpayer Identification Numbers (ITINs).
The Internal Revenue Service issues ITIN numbers to non-resident and resident aliens for federal tax purposes only.
 This issue will affect all schools and departments of the University, and has potential impact for alumni who conduct online
transactions.
 Schools and departments must include planning for the conversion from SSN to newly assigned student ID number as an
activity associated with the implementation of the new student system.
Options and Implications:
1. Removing the social security number as the key identifier for students is outside the scope of the Student System Project. In
this option, the SSN remains the key to the student system and all shadow systems across the University, thus leaving security
issues unaddressed. The University will be in violation of best practice. In addition, a customization to the new system will be
required during implementation because vendor-supplied systems currently allow only a student-identifier field length of 7
digits instead of the 9 digit SSN.
2. Removing the social security number as the key identifier for students is outside the scope of the Student System Project. In
this option, students receive a new identifier prior to the implementation of the new student system. If this option is carried out,
the SSP should be involved to assure integration of information related to the functionality of a new student information system
in the change.
3. Removing the social security number as the key identifier is within the scope of the Student System Project. In this option,
delivered functionality in the student system will be exploited. Routine system transactions do not reveal the SSN, and student
identity is secured. The SSN is available only for compliance purposes. This option requires schools and departments to
convert from SSN to the new student ID number during system implementation, and to purge SSN from their shadow systems
in order to avoid prolonging the SSN security risks.
D:\612926684.doc
1
Recommendation:
 Option 3: Removing the social security number (SSN) as the key identifier for students is within the scope of the Student
System Project.
Dependencies:
 ISIS Review Committee actions
 Collaboration between the ISIS Review Committee and SSP
 Delivered functionality of the new student information system
 Data conversion and the timing of data conversion
Next Steps (if in scope):
 The Project Team will be responsible for incorporating into the Project Plan the activities necessary to assign new student IDs
in the new software, for planning the implications for the new software, and for coordinating, planning, communicating, and
deploying conversion specifications.
Deadline for Executive Committee:
Decision by Executive Committee: Option 3: Removing the social security number (SSN) as the key identifier for students is
within the scope of the Student System Project.
Executive Committee Reviewer/Approver: : Full IS Executive Committee
Signature of Reviewer: Gene Block
D:\612926684.doc
Date: 1/24/06
2
Related documents
Day Care FSA Receipt for Services
Day Care FSA Receipt for Services
SSN Access Request Form
SSN Access Request Form
Operational Services
Operational Services
SSN process for temporary SSN
SSN process for temporary SSN
Document11856626 11856626
Document11856626 11856626
Download
advertisement