USDA Revises Its National SNAP Information Database Notice:

By Nick Hart, Ph.D. — June 15, 2026

On June 15, 2026, the U.S. Department of Agriculture (USDA) published a modified Privacy Act System of Records Notice (SORN) for USDA/FNA-15, the National SNAP Information Database. The system consolidates Supplemental Nutrition Assistance Program (SNAP) participant data from state agencies into a federal database that USDA uses to verify eligibility determinations and support program integrity. The modification responds to the more than 450 public comments USDA received after proposing the system in June 2025, and it changes how the notice describes the disclosure of records in productive ways based on those comments.

The modification makes four key changes. It revises the routine-uses section to state that records may be disclosed only where the Food and Nutrition Act of 2008 permits, and that no disclosure will occur where a routine use would conflict with that statute. It rewrites two of the broadest routine uses for law enforcement and for fraud, waste, and abuse to track the statute's confidentiality provisions more closely. The SORN removes the word "foreign" from the law-enforcement routine use, a term USDA states was standard departmental language that it has not relied upon. And it updates the storage description to reflect a FedRAMP High cloud environment, alongside an administrative renaming of the Food and Nutrition Service (FNS) to the Food and Nutrition Administration (FNA).

The Data Foundation submitted a comment on the original notice in July 2025, conditionally supporting the system's program-integrity goals while urging that it be implemented within established federal data-governance frameworks. Several of today's changes address concerns raised in that comment and by other commenters, including the removal of the "foreign" reference and the explicit tie between every routine use and the Food and Nutrition Act's existing disclosure limits.

Much of the public discussion of the database has overlooked a relevant piece of policy context. In 2017, the U.S. Commission on Evidence-Based Policymaking (the bipartisan Ryan-Murray Commission) unanimously recommended that federal departments be able to obtain complete state-collected administrative data, consistent with applicable law, rather than rely on samples. The Evidence Commission explicitly identified SNAP as a high-value data asset, noting that universe data covering all participants holds the greatest value for building evidence. The concept of consolidating SNAP data at the federal level therefore predates the current effort and was endorsed without dissent by a bipartisan body, primarily for the purpose of building evidence and improving programs. That history does not by itself resolve how the system should operate, but it does locate the central question accurately: not whether such a capability should exist, but how it should be governed.

On governance, the June 2026 SNAP modification is a partial step. It sharpens the legal limits on disclosure, but it does not establish the broader oversight architecture that sustains public trust in a sensitive, multi-state data system. The Data Foundation's comment recommended a risk-based access model along the lines of the Five Safes framework, clear procedures for individuals to access and correct their records across federal and state systems, routine audits of data access, periodic reporting to Congress, a sunset-and-reauthorization cycle, and an evaluation of the system's benefits, risks, and costs within its first years of operation. The modified notice does not adopt these measures.

Some related practices appear to be underway outside the notice itself. USDA's program-integrity data collection protocol and privacy impact assessment describe limiting collection to the minimum necessary and excluding third-party verification data. Reflecting those commitments in the system-of-records notice would make them more transparent and durable.

The federal experience of the past decade indicates that program integrity and privacy protection are compatible objectives when safeguards are designed in from the outset rather than added later. USDA has now clarified what the law permits, and the remaining work should specify how the system will be governed.

Nick Hart, Ph.D., is President and CEO of the Data Foundation. He previously served as Policy and Research Director of the U.S. Commission on Evidence-Based Policymaking.