In an effort to combat the growing problem of identity theft, the Michigan legislature enacted the Social Security Privacy Act (SSNPA) in 2005. Though most Michigan employers took steps to comply with SSNPA when it was enacted, since then there has been very little discussion of the Act’s requirements. Employers should, however, review their policies and training to ensure that they continue to comply the law.
Briefly, the SSNPA prohibits public displays of more than 4 sequential digits of the social security number (SSN) and the use of 4 or more sequential digits of the SSN in a variety of employment related documents and actions. For example, an employee’s primary account number may not contain more than 4 sequential digits of the SSN nor may an employer require an employee to transmit more than 4 sequential digits of his or her SSN over the internet or a computer system or network unless the connection is secure or the transmission is encrypted.
- Ensures to the extent practicable the confidentiality of the SSNs;
- Prohibits unlawful disclosure of the SSNs;
- Limits who has access to information or documents that contain the SSNs;
- Describes how to properly dispose of documents that contain the SSNs; and