The Bipartisan Budget Act of 2013, signed into law by President Obama on December 26, 2013 will bring about significant changes to the way the Death Master File (DMF) is accessed by users.

Under Section 203, “Restriction on Access to the Death Master File,” the Secretary of Commerce is tasked with establishing a fee-based certification program for all persons desiring to access the DMF data within three years of the death of any deceased individual. Section 203 of the Bipartisan Budget Act of 2013 will take effect 90 days after its enactment in March 2014.

The DMF is often abused by identity thieves seeking to gain fraudulent monetary gain from the abuse of the identities of recently deceased individuals. The DMF contains highly sensitive, personally identifiable information which can be used in a myriad of ways by criminals thereby wreaking havoc on government agencies, grieving families and the economy as a whole. The DMF currently contains over 86 million records of deaths and includes the following personal information for each deceased individual if available: Social Security Number, name, date of birth, date of death, state or country of residence, and the ZIP code of their last residence. This is a virtual gold mine for an identity thief.

One example of how identity thieves use this information is to obtain a deceased individual’s personal information and use it to file a fraudulent tax return in the decedent’s name claiming fraudulent refunds. Not only does this steal money from our government in the form of fraudulent refunds, but it is devastating for a grieving family to have to go through the process of proving to the Internal Revenue Service that their loved one is indeed dead. This stalls the grieving process for the family, uses up valuable time of IRS employees and the deceased’s family, slows down the processing of returns for everyone, and enriches criminals at the expense of our tax dollars.

The fee-based certification program, under Section 203 of the Bipartisan Budget Act of 2013 will reduce this and other types of identity fraud by requiring user certification under Section 203(b)(2). To obtain certification, an applicant must:

  • Certify that he or she has a legitimate fraud prevention interest or a legitimate business purpose pursuant to law, rule regulation or fiduciary duty [Section 203(b)(2)(A) AND
  • Have systems, facilities, and procedures in place to safeguard such information, and experience in maintaining the confidentiality, security, and appropriate use of such information

In addition to creating the new certification process for access to the DMF, the Secretary of Commerce is also ordered to perform periodic and unscheduled audits of certified persons to determine their compliance with the DMF program requirements. While there are some who are concerned that the increased protection of DMF information will harm research or business that is dependent on the DMF, it is important to think of all the harm that occurs when the DMF is used for fraudulent purposes. We think this is a fairly balanced approach to the issue and appreciate the concern shown by our legislators for the victims of DMF related identity theft.

“Important Changes Regarding Access to the Death Master File for 2014” was written by Sam Imandoust, Esq., CIPP, CIPA. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.