September 20, 1999
Mr. T.S. Whitaker Deputy Chairman for Programs Employment Security Commission of N.C.
Post Office Box 25903 Raleigh, North Carolina 27611
Re: Advisory Opinion: Public Records: N.C.G.S. § 132-1 et al; Release of data from the Common Follow-Up System: N.C.G.S. § 96-33
Dear Mr. Whitaker:
You have requested our opinion as to whether the Employment Security Commission (ESC) is required by the Public Records Act, N.C.G.S. § 132-1 et al, to reformat the Common Follow-Up System (CFS) in order to allow the data in the system to be reviewed and analyzed without revealing confidential, personally identifiable information.
N.C.G.S. § 96-32(a) discusses the establishment, maintenance, and purpose of the CFS.
The Employment Security Commission of North Carolina shall develop, implement, and maintain a common follow-up information management system for tracking the employment status of current and former participants in State job training, education, and placement programs. The system shall provide for the automated collection, organization, dissemination, and analysis of data obtained from State-funded programs that provide job training and education and job placement services to program participants.
Numerous state agencies are required to submit information to the ESC to carry out the CFS. In fact, N.C.G.S. § 96-33(a) requires that:
Every State agency and local government agency or entity that receives State or federal funds for the direct or indirect support of State job training, education, and placement programs shall provide to the Employment Security Commission of North Carolina all data and information available to or within the agency or entity’s possession requested by the ESC for input into the common follow-up information management system authorized under this Article.
T.S. Whitaker September 20, 1999 Page 2
Much of the information provided by these agencies to the ESC is personally identifiable information required to be kept confidential by state and federal laws. For example, the system includes personally identifiable data about public school, community college, and UNC system students which are made confidential by state and federal laws. See 20 U.S.C. § 1232 et al: Family and Educational Privacy Act (FERPA); N.C.G.S. § 115C-114; & N.C.G.S. § 115C-402. The need to protect the confidentiality of this data was recognized by the General Assembly. N.C.G.S. § 9633(b) states: "[i]nformation obtained by the ESC from the agency or entity shall be held by ESC as confidential and shall not be published or open to public inspection other than in a manner that protects the identity of individual persons and employers." See also N.C.G.S. § 96-32(a).
The CFS matches the confidential, personally identifiable information provided by the participating agencies regarding individuals by using social security numbers. The social security numbers are the uniform character linking the databases from the various agencies that place information into the CFS. Under federal law , social security numbers are not open to public access. 42 U.S.C. §405(c)(2)(C)(viii) (1990) provides that "Social Security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law, enacted on or after October 1, 1990, shall be confidential, and no authorized person shall disclose any such Social Security account numbers or related record." This statute makes clear a federal policy favoring the confidentiality of social security account numbers.
A party has requested the ESC to replace the confidential social security numbers with a nonidentifying code in order to allow the analysis of the data without revealing confidential, personally identifiable information. Nothing in the General Statutes would require the ESC to comply with such a request. N.C.G.S. §132-6.1(c) specifically addresses the issue of creating new databases: "[n]othing in this section shall require a public agency to create a computer database that the public agency has not otherwise created or is not otherwise required to be created. .." Therefore, the ESC is not required to replace the social security numbers with a different uniform identifying character, to do so would be to create another database which the ESC "has not otherwise created or is not required to be created." N.C.G.S. § 132-6.1(c).
Sincerely,
Wanda Bryant Senior Deputy Attorney General
C. Ruffin Poo1e Associate Attorney General