TLS is the modern, updated version of SSL, and all versions of the SSL protocol are deprecated.  However, the name SSL stuck when we talk about web browser encryption.  For instance, this site (answers.laserfiche.com) is using TLS 1.2 which is not the same as any version of SSL, but we would casually describe it as using SSL.

The distinction rarely matters in practice, unless you are configuring the protocols a server will support.  Wikipedia has a lot of additional background.

Keep in mind that form data, like SSNs and passwords will be stored in clear text in the Forms SQL database, so you'll want to restrict direct access to the database and possibly encrypt the data files.

If this is a public form accessible to the interwebs, I suggest using a honeypot captcha or something equivalent. If you have the luxury of knowing in advance who will be filling out the forms (by email address), you could have the system generate a guid and append the guid in a link sent to the person's email address, then have the form check the guid against a db of expiring guid's. This is a bit more complex but tightens up security.