New “Death Master File” Limits Raise Data Access Concerns
It's an effort to prevent identity theft, but a new budget law provision that limits access to death records has researchers and consumer data groups—who claim to have legitimate needs for the data—concerned.
It’s a list that you’d literally only be caught dead on.
For years, the Social Security Administration has maintained the “Death Master File,” a registry that currently contains names and data on 86 million deceased Americans. Thanks to a 1980 court decision, the list has long been available to the public. Not anymore: An obscure provision of last month’s Bipartisan Budget Act now limits access to the file, NPR reports.
Those who want access to the data soon will need to be certified—or wait three years after a person has died to tap into his or her information. The change is meant to curb identity thieves who use the data to commit tax fraud, and it could save taxpayers $786 million over the next 10 years, according to Bloomberg Businessweek.
But the Consumer Data Industry Association (CDIA) says that the new limits come with major downsides for its members, who often use the data for research and fraud-prevention purposes.
“It’s critically important that the legitimate business needs are preserved,” CDIA CEO Stuart Pratt told NPR.
How the Data is Used
Pratt suggests that the identity theft concerns matter for the private sector as much as the public sector—and that the CDIA’s members have a vested interest in knowing if a person has died.
“That’s important for financial institutions to know, because there’s forms of identity theft that are associated with individuals who are deceased,” he told NPR. “Identity thieves will sometimes scour obituaries and try to get information and try to open up accounts, even though an individual has recently died.”
Beyond preventing identity theft, some researchers in a variety of fields say the records are crucial to their efforts. Those raising concerns include genetic scientists, oncology programs, pension funds, genealogists and investigative firms.
The Harvard’s Nurses’ Health Study, for example, has used DMF data to track roughly 250,000 nurses over the past three decades. Gary Chase, the study’s project manager, told NPR, “If we follow women for all these years and we don’t find out what happens to them at the end, it’s like reading a long novel and you leave off the last couple of pages.”
There is some room for flexibility in the process for groups like the CDIA. The budget act gives the secretary of commerce until March to establish a fee-based certification process.
Individuals who can prove “legitimate fraud prevention interest or a legitimate business purpose pursuant to law, rule, regulation or fiduciary duty” can gain access to a deceased person’s information within three years of their death, according to the National Technical Information Service. In the meantime, the DMF will remain public until the certification program goes into effect.
Pratt tells NPR that the CDIA plans to keep a close eye on the decision-making process.
“If the exceptions are interpreted too narrowly, it will actually have a harmful effect,” he said.