SURVEY SAYS: What's Your Employee Identifier?

September 13, 2007 (PLANSPONSOR.com) - Managing to keep personal information has always been a key concern in our business - and we've recently seen instances where there have been inadvertent disclosures that have caused embarrassment, if not an identity theft risk.

In fact, the federal government’s Thrift Savings Plan (TSP) has just announced its intention to do away with the use of Social Security numbers as an account identifier (see  TSP Participants to No Longer Use Social to Access Accounts ).  

This week, I asked readers what they used as the employee identifier on their retirement plan.

Despite the concerns noted above, it is probably no surprise that more than 80% of this week’s respondents are using Social Security numbers as identifiers.   As one reader noted, “While a unique employee number sounds reasonable, it’s difficult to imagine how this solution would work on a long-term basis. The SSN is a number that stays with the person for a lifetime, and employees still can’t get it right 100% of the time. If an employee becomes eligible for our retirement program and comes to us 20 years from now to collect but doesn’t remember his employee number, how are we to find him if we have had 100 Bill Smith’s working for us over the past 30 years?”

For the distinct minority that was working with something other than Social Security number, about 12% were using an employee number, and the rest either a randomly assigned number or some “other” option – generally a combination of social security number and something else (name or employee number were common).

On the other hand, no doubt as a result of some of the earlier articulated concerns, about a quarter of this week’s respondents are considering changing that identifier – and more than half (55.7%) opted to respond “not yet” rather than “no.”   Based on comments from several, the use of Social Security number isn’t their choice, but one impressed on them by their recordkeeper/provider.   One reader noted, “We use SSN, but we do recordkeeping for others and offer alternatives to our clients. You know what they say about the shoemaker’s children.”   However, as one reader said, “Not sure what the provider has in mind, but its time to ‘forget’ our SS numbers and move on like the rest of the world.”

Indeed, one respondent provided a lengthy acknowledgement of the issue:  “It has to be addressed. Every day we have participants screaming about their SS# being used on their accounts and on their Web access and incoming e-mails for payrolls. We have to find a way to eliminate using them except for distribution when it affects the 1099’s. We had one participant, after going off in an e-mail to us, that ended his e-mail with ‘BTW, isn’t it illegal to use my SS#?’ One participant went off on her rep for using the plan number and her SS# in the same e-mail and let her know if there is any identity theft with her SS#, she was going to hold the rep responsible for damages. Since Identity-theft risk is a big issue, you can almost see at some point some lawyer bringing a class action suit – then you can be sure there will be reforms to everything we do in regards to using the SS#.”

Still another noted, “In the world of records, the SSN has been used because it is a unique ID for each individual person. Switching to something else will not work unless it is unique. If it’s not unique, people’s records will get mixed up. If it is unique, then you are back to square one with the same issues people complain about for SSN.”

But there are workable solutions.   One reader noted, “I am comfortable that employees use SS# to access their account. They also need a PIN in order to access the information. Communication going out to employees does not have SS# on it.”

One reader cautioned, “Let’s be honest…if someone wants the information…they will find a way to get it.”

But this week’s Editor’s Choice goes to the reader who responded, “While I’m very happy to have my private information, such as SS#, protected, it’s really, really challenging to remember a different number for each account I need to access. I’ve had to create a little cheat sheet, which I’m now concerned about keeping private….”

Thanks to everyone who participated in our survey!

However, the employee must initially log in to their online account using their SSN. It continues to be their username unless they notice that they can change it.
SSN is used at discretion of participant. Alternative is any string of alpha-numeric characters you want. No numbers appear on statements!
But for on-line the participant also uses his or her own "secret" password.
new retirees receive new number which is different than employee number.
a PIN which is given but employee can change
Sequential number assignment (real simple) - The first employee to enter our Retirement System (DB Plan) in August 1940 was assigned system number 1. The most current entry in August 2007 was assigned system number 54896 - perhaps a tribute to defined benefit plans and their value to employees....
We use SSNs in our system, but for statements, etc., we have random account numbers.
our vendor Fidelity is fixated on the SSN
When we search our db system we can use name or ssn. Since the late 1990s, our employees have been assigned a unique id number which is used as the identifier in the payroll system. However, there are deferred vested participants and retirees who do not have this new identifier. So we don't have much choice for the foreseeable future.
we use social security number recorded as: xxx-xx-(plus last four digits of employee's ss#)
The employee can select their own identifer.
I'm in the TSP, so it will be going to an account number at some point--the info will be mailed later this month. Our agency also has a 401(k) and we went from SSN to a userid (self-selected) a year or so ago.
social security number (I can never get the radio buttons to work!)
We still use the SSN for the retirement plan identifier, but we use a five-digit identification number for all other reasons. I'm not sure why we didn't carry that over to the retirement plans, but it is probably something we need to consider.
We utilize a partial SSN, usually, the first 5 digits. Discussions are under way to use an employee number in the future.
EE chooses ID for website & VRU. For admin internally, we use SSN
It is the SSN initially, but then the participant selects their own identifier.
We use employee number internally and send it to the TPA along with the SS#. The TPA depends on the SS# for most identification purposes but can use EE#. We hope to have them convert to only using EE# soon.
Our 401(k) plan uses SSN. Our DB plan uses employee number, but we sometimes need to verify old term vesteds with SSN.
We use employee numbers but when the employee retires, we give them account numbers. Social Security numbers are used as a secondary identifier when verifying accounts.
We are able to pick our own identifier. I think it used to be SSN, but now they have us pick our own, so you can use your SSN, but of course you'd be smarter not to.
Participants were historically identified by social, and are now encouraged to change it to something else.
I think randomly assigned names for parts of animals would be good: owlet's wing, maw, adder's fork, sweetbreads, tongue of dog, balls (or Rocky Mt. Oysters if you prefer), blind worm sting, wool of bat, baboon's blood, lizard's leg, ribs. Maybe with names of bar-b-que sauces (ox-tail piquant).
While a unique employee number sounds reasonable, it's difficult to imagine how this solution would work on a long-term basis. The ssn is a number that stays with the person for a lifetime, and employees still can't get it right 100% of the time. If an employee becomes eligible for our retirement program and comes to us 20 years from now to collect but doesn't remember his employee number, how are we to find him if we have had 100 Bill Smith's working for us over the past 30 years?
I'm not sure the issue is that we us SSN as an identifier, rather in many cases it is the only identifier when applying for credit cards, loans, etc. Similar to when I log into my bank account or 401k account there should be several data elements that are requested and provided in order for someone to not steal my identity.
We use SSN, but we do recordkeeping for others and offer alternatives to our clients. You know what they say about the shoemaker's children.
Our retirement system (we are a local government entity) is tied to Florida Retirement System, which uses SS#'s
Impossible to get away from maintaining the social security number for each retirement plan participant as Government reporting requires it.
It has to be addressed - every day we have participants screaming about their SS# being used on their accounts & on their web access & incoming emails for payrolls. We have to find a way to eliminate using them except for distribution when it affects the 1099's. We had one participant after going off in an email to us that ended his email with BTW isn't it illegal to use my SS#. One participant went off on her rep for using the plan number & her SS# in the same email & let her know if there is any identity theft with her SS# she was going to hold the rep responsible for damages. Since Identity theft risk is a big issue you can almost see that at some point some lawyer bringing a class action suit - then you can be sure there will be reforms to everything we do in regards to using the SS#. It will be interesting to see what others are doing about this.
Although we are already transmitting our non-SS# employee ID to our recordkeeper already so that it will be easy for us to make a switch if we ever choose to do so.
SSN's are used far too often, they should only be used for Social Security, not other areas.
our Deferred comp and stock equity plans have used an employee ID number for almost a decade.
It's a hard choice to pick a personal identification number. Either you use the same one and then if someone figures it out they get access to all your accounts or you use a different one and then not be able to remember it.
It's hard to get away from using the identifier that rarely changes over a person's life, especially for a retirement plan that may have a relationship with a person for 50+ years.
Some of our health plans, in what looks to me like a violation of federal law, still use the Social Security as the main ID number. I'm in the process of protesting this to HR - we'll see if I get anywhere!
This is one item that is ripe for change. Many participants are getting increasingly upset that they have to use their ssn as an identifier. If we can find a way to change this for company IDs and health plan IDs, we should be able to do it for the 401k plan, too.
Thanks for making me think about this!
The thought generates excitement however it is not just about having a unique number in HRIS systems and recordkeeping systems, there are also other concerns, will there be enough unique numbers at recordkeepers?
The company just went to random employee id #s in July, but decided not to push this on the 401(k) plan at this time.
The subject has never come up but now that you mention it, we probably should consider a change. Of course the last thing any of us needs is another "number" to remember. Wonder if we could coordinate with health insurance to use the same alternate ID#? Does anyone do that?
In the world of records the SSN has been used because it is a unique ID for each individual person. Switching to something else will not work unless it is unique. If its not unique people's records will get mixed up. If it is unique, then you are back to square one with the same issues people complain about for SSN.
The move to protect Social Security numbers, while entirely necessary and prudent, results in enormous problems for any plan using them for identification. Aside from encyption and associated programming changes, any plan which sends in information with a masked social security number requires someone to look up which participant it belongs to (in our firm, anyway). This has already caused me many hours of extra work. I don't have a better answer, but I wish someone else would be responsible for looking these things up!
It's an unfortunate human trait; things are not impotant till they happen to you. It is hard convincing the "powers that be" that HIPAA and employee security are issues worth addressing until their personal info is effected.
The medical carriers have made progress in changing from ssn but I have not heard of the retirement recordkeepers making progress.
Our (governmental) retirement system has over 550,000 participants, of which over 115,000 are annuitants. We are currently working on a new benefit payment system that we hope to implement within the next 6 months. This is a major IT project since the current system was implemented in the 1970's, and IT technology has changed a bit since then! Consequently, while we recognize the need to change to an identifier other than Social Security numbers, taking on another significant IT project is undoable and unthinkable at the moment.
I am comfortable that employees use ss# to access their account. They also need a PIN in order to access the information. Communication going out to employees does not have ss# on it.
Vendors wil need to update their systems.
Let's be honest...if someone wants the information...they will find a way to get it.
While it's important for companies to keep security of information a top priority, I find it a little crazy having been in the business as long as I have, when a plan participant is reluctant to provide a social security number to a company that must create a 1099R and report taxable information to the IRS.
For a defined contribution plan, or any retirement plan, it only makes sense to use SSN. That's the number the participant will have all his life, even as he rides off into the sunset to collect his benefits, and even after he's deceased, so his heirs can settle any estate issues.
we have a lot of father and son employees and it is hard to figure out who is who by name. Outside of ssn, we would have to go to employee number.
While I'm very happy to have my private information, such as SS#, protected, it's really, really challenging to remember a different number for each account I need to access. I've had to create a little cheat sheet, which I'm now concerned about keeping private.....
The use of employee identifier is determined by our trust/recordkeeper firm. I don't know if they have any plans to change to an alternate ID or not.

Social Security Number.   After a participant registers for the first time, they may change it to something else if they like.   We use the last 4 digits of the Social Security Number along with a name when communicating with our vendor.   Internally, we prefer employee number.


We still use Social Security numbers, except for medical plans.

Not sure what the provider has in mind, but its time to "forget" our SS numbers and move on like the rest of the world.
a user specified ID
Random number
Unique ID assigned by employer.
We're not sure yet, but to some other numeric identifier.
I don't know. I'm sure interested in finding out though!
unique identifier - random number
We have implemented a unique identification number for retirees, but are finding it difficult to program for active members. We will work through it, however, and intend to implement it as soon as possible.
We'd like to use a randomly generated ID number of some sort.
We will find out when we get the mailing later this month.
not yet
We use a 5-digit payroll ID for all associates, so we could just transfer that over and use it as the retirement plan ID.
See above response.
I work for a recordkeeper. Our organization announced to us that they are looking into ways that our recordkeeping system could be enhanced to use another identifier. There has not been a lot of information provided on that research so far.
I believe it may be a random number
SSN is the identifier people use to login to their account. We will be switching next year to a user ID that participants create.
A random individual member identification number.
Prefer to use employee number assigned by HR system.
A payroll number, random/system generated.
Employee number.
We use SSN for other records, and are considering changing that practice.

«