Bill Summary
The "Protecting Seniors' Data Act of 2025" is legislation aimed at enhancing the security and integrity of the computer systems used by the Social Security Administration (SSA). Here’s a brief overview of its key provisions:
1. **Audit Requirement**: The Act mandates that within 60 days of its enactment, the Comptroller General of the United States must begin a comprehensive audit of SSA's computer systems and networks. This audit will assess potential security vulnerabilities and software bugs, particularly those related to access by certain government employees and volunteers.
2. **Privacy Law Compliance**: The audit will also evaluate whether any federal privacy laws have been violated, including the Privacy Act of 1974 and the Federal Information Security Management Act.
3. **Reporting**: The Comptroller General is required to submit a detailed report of the audit findings to specific congressional committees and the SSA Commissioner within one year. This report will include recommendations for both legislative and administrative actions to improve system security.
4. **Response to Findings**: Upon receiving the audit report, the SSA Commissioner must address any identified vulnerabilities or bugs within 90 days and report back to Congress on the status of these issues.
Overall, this legislation aims to protect sensitive data related to seniors by ensuring that the SSA's computer systems are secure and compliant with privacy regulations.
Possible Impacts
The "Protecting Seniors' Data Act of 2025" could affect people in the following ways:
1. **Enhanced Security for Seniors' Data**: By requiring comprehensive audits of the Social Security Administration's computer systems, the legislation aims to identify and rectify potential security vulnerabilities. This increased focus on data security can help protect sensitive personal information of seniors, reducing the risk of identity theft and fraud, which are particularly concerning for older adults who may be more vulnerable.
2. **Informed Policy Changes**: The requirement for the Comptroller General to submit an audit report that includes recommendations for legislation and administrative actions can lead to informed policy decisions. This could result in new laws or regulations that further strengthen data privacy and security measures, benefiting not just seniors but all users of Social Security services.
3. **Accountability and Transparency**: By mandating the Social Security Administration to address vulnerabilities and report back on their status, the legislation promotes accountability. Seniors and the public can have greater confidence that the administration is taking necessary steps to safeguard their information, leading to increased trust in government services.
[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[S. 1943 Introduced in Senate (IS)]
<DOC>
119th CONGRESS
1st Session
S. 1943
To require performance and security audits of the computer systems of
the Social Security Administration, and for other purposes.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
June 4, 2025
Mr. Whitehouse (for himself, Mr. Wyden, and Ms. Warren) introduced the
following bill; which was read twice and referred to the Committee on
Finance
_______________________________________________________________________
A BILL
To require performance and security audits of the computer systems of
the Social Security Administration, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Protecting Seniors' Data Act of
2025''.
SEC. 2. COMPTROLLER GENERAL STUDY.
(a) In General.--Not later than 60 days after the date of enactment
of this Act, the Comptroller General of the United States shall
commence a comprehensive audit of the Social Security Administration
computer systems and networks accessed by the United States DOGE
Service, the U.S. DOGE Service Temporary Organization, or any employees
or volunteers affiliated with those agencies, or, if applicable,
associated agency DOGE teams, to identify security vulnerabilities or
bugs in software installed, created, or modified by such individuals or
entities, and whether such individuals or entities violated Federal
privacy laws, including section 552a of title 5, United States Code
(commonly referred to as the ``Privacy Act of 1974''), section 6103 of
the Internal Revenue Code, subchapter II of chapter 35 of title 44,
United States Code (commonly referred to as the ``Federal Information
Security Management Act''), or section 1106 of the Social Security Act
(42 U.S.C. 1306).
(b) Audit Report.--Not later than 1 year after the date of
enactment of this Act, the Comptroller General shall submit to the
Committee on Finance of the Senate, the Committee on Ways and Means of
the House of Representatives, and the Commissioner of the Social
Security Administration a report or reports describing the results of
the comprehensive systems audits performed under subsection (a),
including recommendations for legislation and administrative action as
the Comptroller General determines appropriate.
(c) Agency Action.--Not later than 90 days after receipt of an
audit report by the Commissioner of the Social Security Administration
under subsection (b), the Commissioner shall--
(1) fix any vulnerabilities or bugs identified in the
report; and
(2) submit to the Committee on Finance of the Senate and
the Committee on Ways and Means of the House of Representatives
a report on the status of those vulnerabilities or bugs.
<all>