Sponsors (150)
The bill increases privacy protections, faster investigations, and stronger remedies for Social Security beneficiaries at the cost of higher administrative and litigation risks and possible operational slowdowns or reporting trade-offs that could raise taxpayer costs and complicate legitimate oversight activities.
Seniors, retirees, and people with disabilities will have their Social Security records (SSNs, benefit and medical/eligibility data) less exposed because the bill restricts who can access high-risk SSA systems and strengthens data governance.
Individuals whose Social Security information is mishandled gain a concrete financial remedy (minimum $5,000 per violation or actual damages) and fee-shifting for prevailing plaintiffs, making it easier to obtain compensation and enforce their rights.
Beneficiaries get faster, clearer incident response and notification (OIG must investigate and report within 30 days with detailed incident descriptions and risk assessments), and Congress receives regular interim and final reports, improving oversight, transparency, and beneficiaries' ability to protect themselves.
Federal agencies, the OIG, and the GAO will incur additional administrative and compliance costs (investigations, notifications, monthly and final reports), which could increase taxpayer expense or divert resources from other services and oversight priorities.
The threat of statutory damages and expanded litigation (including potential suits against the United States for negligent disclosures) could raise taxpayer liability and lead private contractors to adopt costly defensive practices.
Barring political appointees and special government employees (SGEs) from direct access to SSA systems may slow oversight, policy review, or contractor work that relies on system access, forcing workarounds that increase operational costs or delays.
Based on analysis of 7 sections of legislative text.
Bars political appointees and special government employees from SSA beneficiary systems, creates a private right of action for unauthorized access/disclosure, requires OIG and GAO reporting, and preserves 20 C.F.R. part 401 as of 1/19/2025.
Introduced March 5, 2025 by John B. Larson · Last progress March 5, 2025
Prohibits political appointees and special government employees from accessing Social Security beneficiary data systems and creates a private right of action for negligent or unauthorized access or disclosure of Social Security information. It requires the SSA Inspector General to investigate improper accesses/disclosures and report quickly to Congress, directs the Government Accountability Office to study and report on effects, and preserves the text of 20 C.F.R. part 401 as it existed on January 19, 2025. The bill sets damages for harmed individuals, outlines a two‑year statute of limitations from discovery, requires notice to affected people in certain enforcement situations, and makes the new prohibitions and enforcement rules effective only for violations occurring on or after enactment.