National Plan & Provider Enumeration System, Centers for Medicare and Medicaid Services
CMS: Don’t Use Social Security Numbers in Publicly Accessible NPPES Fields
Social Security numbers should not be reported in National Plan & Provider Enumeration System (NPPES) fields that the Centers for Medicare & Medicaid Services (CMS) needs to make publicly available under the Freedom of Information Act, CMS officials said in a Nov. 26 bulletin.
CMS reports that some providers have been listing their own or their employees’ Social Security numbers in NPPES fields such as “Other Provider Identification Numbers,” “License Number” or “Employer Identification Number.”
CMS urges providers to check their NPPES records to confirm that they did not input Social Security numbers in fields that will be made available to the public, or to delete their Social Security numbers from such fields immediately.
To view NPPES records, go to https://nppes.cms.hhs.gov. Providers should not use monthly downloadable NPPES files to check for Social Security numbers , because in those files, CMS has been suppressing all nine-digit numbers in all publicly accessible fields in order to safeguard providers’ personal information.
This article originally appeared in the January 2008 issue of Mobility Management.