National Directory of New Hires Data Security

Issued Date
May 08, 2024
Agency/Authority
Temporary and Disability Assistance, Office of

Objective

To determine if the Office of Temporary and Disability Assistance has met federal requirements for securing National Directory of New Hires data. Our audit covered the period from March 2020 through January 2024.

About the Program

The Office of Temporary and Disability Assistance (OTDA) is responsible for supervising State programs that provide assistance and support to eligible families and individuals. Two such programs administered by OTDA are the Temporary Assistance for Needy Families (TANF) and the Supplemental Nutrition Assistance Program (SNAP). As part of managing these programs, OTDA obtains National Directory of New Hires (Directory) data provided by the Office of Child Support Enforcement (OCSE), a subdivision of the U.S. Department of Health and Human Services (Health and Human Services). The Directory data is comprised of information on new hires, quarterly wage, and unemployment insurance. OTDA uses Directory data to verify TANF and SNAP eligibility information. The identification and verification of this data helps OTDA identify and resolve any fraudulent activity by program recipients, as well as maintain program integrity.

All state agencies that receive and process Directory data must demonstrate a strong security posture and comply with the security requirements established by Health and Human Services and OCSE. The state agency also must comply with the Security Requirements for State Agencies Receiving National Directory of New Hires Data dated August 2021. These requirements define the administrative, technical, and physical security controls required to be implemented by the state agency prior to receiving Directory data.

Every 4 years, OTDA must submit a copy of an independent security assessment to OCSE. At the request of OTDA officials, we performed an independent security assessment of the Directory system security controls at OTDA.

Key Findings

OTDA has taken actions to comply with the federal requirements for securing Directory data. We found that OTDA is fully compliant with 31 of the 32 requirements; the remaining requirement was found to be not applicable due to current practices at OTDA.

Key Recommendation

Continue to maintain a system of controls that ensures compliance with federal requirements for securing Directory data.

Nadine Morrell

State Government Accountability Contact Information:
Audit Director
: Nadine Morrell
Phone: (518) 474-3271; Email: [email protected]
Address: Office of the State Comptroller; Division of State Government Accountability; 110 State Street, 11th Floor; Albany, NY 12236