Today's Law As Amended

PDF |Add To My Favorites |Track Bill | print page

AB-56 Benefits: outgoing mail: claim processing: reporting.(2021-2022)

As Amends the Law Today


 Section 11019.7 of the Government Code is amended to read:

 (a) A state agency shall not send any outgoing United States mail to an individual that contains personal information about that individual, including, but not limited to, the individual’s social security number, telephone number, driver’s license number, or credit card account number, unless that personal information is contained within sealed correspondence and cannot be viewed from the outside of that sealed correspondence.
(b) (1) Notwithstanding any other law, commencing on or before January 1, 2023, a state agency shall not send any outgoing United States mail to an individual that contains the individual’s social security number unless the number is truncated to its last four digits, except in the following circumstances:
(A) Federal law requires inclusion of the social security number.
(B) The documents are mailed to a current or prospective state employee.
(C) An individual erroneously mailed a document containing a social security number to a state agency, and the state agency is returning the original document by certified or registered United States mail.
(D) The Controller is returning documents to an individual previously submitted by the individual pursuant to Chapter 7 (commencing with Section 1500) of Title 10 of Part 3 of the Code of Civil Procedure.
(E) The document is sent in response to a valid request for access to personal information, pursuant to Section 1798.34 of the Civil Code.
(2) (A) On or before September 1, 2021, each state agency that mails an individual’s full or truncated part of a social security number to that individual, other than as permitted by paragraph (1), shall report to the Legislature regarding when and why it does so.
(B) A state agency that, in its own estimation,  that  is unable to comply with the requirements of paragraph (1) of this subdivision shall submit an annual corrective action plan to the Legislature by December 15 of each year  until it is in compliance with that paragraph. The annual corrective action plan shall include, at a minimum, all of the following: 
(i) The steps the agency has taken to stop including full social security numbers on outgoing United States mail.
(ii) The number of documents sent as outgoing United States mail from which the agency has successfully removed full social security numbers and the approximate mailing volume corresponding with those documents.
(iii) The remaining steps that the agency plans to take to remove or replace full social security numbers it includes on documents sent as outgoing United States mail.
(iv) The number of documents and approximate mailing volume associated with those documents that the agency has yet to address.
(v) The expected date by which the agency will stop sending documents that contain full social security numbers as outgoing United States mail to individuals.
(C) A report required by subparagraph (A) of this paragraph or corrective action plan required by subparagraph (B) of this paragraph and communications made in connection with these documents that bear on what mailings do and do not contain an individual’s social security number, are confidential and shall not be disclosed to the public pursuant to any state law, including, but not limited to, the California Public Records Act (Chapter 3.5 (commencing with Section 6250) of Division 7 of Title 1 of the Government Code).
(3) (A) The requirement for submitting a report imposed under subparagraph (A) of paragraph (2) is inoperative on January 1, 2024, pursuant to Section 10231.5 of the Government Code.
(B) A report to be submitted pursuant to subparagraph (A) or (B) of paragraph (2) shall be submitted in compliance with Section 9795 of the Government Code.
(c) Upon appropriation by the Legislature, if the Employment Development Department fails to comply with paragraph (1) of subdivision (b) by January 1, 2023, the department shall provide access to and pay for identity theft monitoring for any individual who receives outgoing United States mail from the department that contains the individual’s social security number in violation of paragraph (1) of subdivision (b).
(c) (d)  “Outgoing United States mail” for the purposes of this section includes correspondence sent via a common carrier, including, but not limited to, a package express service and a courier service.
(d) (e)  Notwithstanding subdivision (a) of Section 11000, “state agency” includes the California State University.

SEC. 2.

 Section 320.4 is added to the Unemployment Insurance Code, to read:

 (a) Upon appropriation by the Legislature, the department shall do all of the following:
(1) (A) Report at least once every six months on its internet website all of the following information:
(i) The amount of benefit payments for which it must assess potential overpayments.
(ii) The amount for which it has issued overpayment notices.
(iii) The amount of overpayments waived.
(iv) The amount repaid related to those overpayment notices.
(B) The reports shall encompass benefit payments made by the department from March 1, 2020, until the time when it resumes all eligibility determinations.
(C) The department shall publish the information required under this paragraph until the repayment period for all the notices has elapsed.
(2) (A) Immediately perform a risk assessment of its deferred workloads, including deferred eligibility determinations and retroactive certifications.
(B) The department’s risk assessment performed under subparagraph (A) shall take into account the relative likelihood that it issued payments to ineligible claimants by considering historic overpayment trends, as well as the new or altered eligibility requirements the federal government adopted in response to the COVID-19 pandemic. If necessary, the department shall either partner with another state agency or contract for assistance in performing the analysis in support of this assessment.
(3) (A) Develop a workload plan that prioritizes its deferred workloads based on the risk assessment performed pursuant to paragraph (2) and determine the staffing and information technology resources needed to accomplish the work within expected timeframes.
(B) Hire and train staff as necessary in order to carry out the workload plan. Using the workload plan, the department shall process the deferred work in alignment with all of the following:
(i) The need to pay timely benefits to new or continued claimants.
(ii) Federal expectations about the urgency of the deferred work.
(iii) Any deadlines by which the department may no longer be allowed to recoup inappropriately paid benefits.
(4) Immediately begin modeling workload projections that account for possible scenarios that would cause a spike in unemployment insurance claims. The department shall plan its staffing around the likelihood of those scenarios, including having a contingency plan for less likely scenarios that would have a significant impact on its workload.
(5) By March 1, 2022, revise its public dashboards with regard to the number of backlogged claims in order to clearly describe the difference between those waiting for payment and those that are not, and to clearly indicate the number of claims that have waited longer than 21 days for payment because the department has not yet resolved pending work on the claim.
(6) By June 1, 2022, determine how many of its temporary automation measures for claims processing it can retain and by September 1, 2022, make those a permanent feature of its claims processing.
(7) By June 1, 2022, determine the reasons that claimants cannot successfully complete their identity verification through secure identity verification networked, including, and work with department vendors to resolve identified problems. The department shall thereafter regularly monitor the rate of successful identity verifications to ensure that it consistently minimizes unnecessary staff intervention.
(8) By June 1, 2022, identify the elements of the department’s Benefit Systems Modernization process that can assist the department in making timely payments and that it can implement incrementally. The department shall then prioritize implementing the elements most likely to benefit Californians.
(9) Implement a formal policy by May 1, 2022, that establishes a process for tracking and periodically analyzing the reasons why unemployment insurance claimants call for assistance. By October 1, 2021, and every six months thereafter, the department shall analyze this data to improve its call center by doing the following:
(A) Identifying and resolving weaknesses or problems with the ways in which it provides assistance to unemployment insurance claimants through self-service and noncall center options.
(B) Developing specialized training modules to quickly train its call center staff on the most commonly requested items on which callers want assistance.
(10) (A) By May 1, 2022, implement a policy for tracking and monitoring its rate of first-call resolution. The department shall review first-call resolution data at least monthly to evaluate whether it is providing effective assistance to callers.
(B) To maximize the number of calls that department staff are able to answer, as soon as possible, the department shall add prerecorded message functionality to its phone system to advise claimants of their rights and responsibilities after they file their claim with an agent.
(C) To provide a more convenient customer service experience, as soon as possible, the department shall implement features of its phone system that allow callers to request a callback from an agent instead of waiting on hold for assistance.
(11) To prepare to respond to victims of identity theft who receive incorrect tax forms, the department shall, by February 15, 2022, provide information on its internet website and set up a separate email box for those individuals to contact the department and receive prompt resolution.
(12) (A) To the extent consistent with federal law, the department shall immediately obtain from any federally chartered financial institution or other financial institution used by the department to make benefit payments a comprehensive list of claimants’ accounts that are frozen. The department shall immediately thereafter evaluate the list, including considering using to verify claimants’ identities, to identify accounts that should be unfrozen. By March 1, 2022, the department shall direct the institution to take action to freeze or unfreeze accounts as appropriate to ensure that it provides legitimate claimants with benefits but does not pay benefits related to fraudulent claims.
(B) To ensure that the department reviews each account that an institution reports to it as suspicious or potentially fraudulent, by February 2022, the department shall establish a centralized tracking tool that allows it to review and stop payment on claims, as appropriate. The department shall use this tool to monitor its own internal decisions and track whether the claimant responds to its requests for identity information and should, therefore, have their account unfrozen.
(b) Upon appropriation by the Legislature, the department shall convene both of the following working groups by March 1, 2022:
(1) A working group to assess the lessons learned from claim surges and identify the processes that the department can still improve. The working group shall do both of the following:
(A) Include representatives from the department’s unemployment insurance branch, information technology branch, and executive management, as well as representatives from the 2020 Employment Development Department strike team.
(B) Issue a report on the lessons learned from the claim surge by January 1, 2023. The report shall identify any recommended improvements for the department and include a review of the department’s implementation of the 2020 Employment Development Department strike team recommendations.
(2) A working group to coordinate the work needed to resolve each complaint of identity theft, make decisions about staffing levels necessary, and add staffing to accomplish the work in order to ensure that the department provides appropriate assistance to victims of identity theft who report fraud through the department’s online fraud reporting portal.
(c) (1) Upon appropriation by the Legislature, by March 1, 2022, the department shall designate a unit as responsible for coordinating all fraud prevention and detection. The department shall assign that unit sufficient authority to carry out its responsibilities and align the unit’s duties with the Government Operations Agency’s framework for fraud prevention.
(2) By May 2022, the department shall develop a plan for how it will assess the effectiveness of its fraud prevention and detection tools.

SEC. 3.

 Section 1326.8 is added to the Unemployment Insurance Code, to read:

 The department shall request any personal identification information required from the claimant under this part in accordance with the most recent federal National Institute of Standards and Technology Special Publication 800-63 standards, relating to technical requirements for implementing digital identity services, and as those standards may be amended or updated from time to time.

SEC. 4.

 Section 2614 of the Unemployment Insurance Code is amended to read:

 (a)  The director shall report to the Assembly Committee on Insurance, Assembly Committee on Labor and Employment, and the Senate Committee on Labor and Industrial Relations  Labor, Public Employment and Retirement  by June 30 of each year on the department’s fraud deterrence and detection activities.
(b) The department shall assess the effectiveness of the department’s system of cross matching claims against information about incarcerated individuals. The assessment shall include how regularly the department performs the cross matches, how successful the cross matches are in detecting and preventing fraud, and whether the cross matches negatively affect eligible claimants attempting to legally obtain benefits. The department shall include this assessment in its annual report on fraud deterrence and detection activities.
(c) (1) By January 1, 2023, and biannually thereafter, the department shall assess the effectiveness of its fraud prevention and detection tools and determine the degree to which those tools overlap or duplicate one another without providing any additional benefit. The department shall then eliminate any fraud prevention and detection approach for which it lacks clear evidence of effectiveness. The department shall include this assessment in its annual report on fraud deterrence and detection activities.
(2) By July 2022, the department shall provide the Legislature with an update on its progress in performing this analysis.