09-04-2018 11:12 AM - edited 02-21-2020 08:11 AM
Hi, I have an ASA5510 running ASA version 9.1(6) and need to be able to ping it from the internet. I've made these changes using ASDM (version 7.6(2)):
in Firewall > Service Policy Rules > inspection_default > Rule Actions, I enabled “ICMP”
in Firewall > Access Rules, I added a rule allowing ICMP for the outside interface with the source as the remote computer's public IP address, which we'll say is "X.X.X.X".
I still can't ping the ASA from X.X.X.X. When I run the command "packet-tracer input outside icmp X.X.X.X 8 0 Y.Y.Y.4 (the ASA's outside interface) detailed", I get the response:
"Drop-reason: (nat-no-xlate-to-pat-pool) Connection to PAT address without pre-existing xlate"
09-04-2018 11:43 AM
If you have tried
icmp permit any outside
then, if this is still not working and your packet tracer shows the same error, you may have hit a bug; have a look at
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCun81982
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCun95075
09-05-2018 10:33 AM
Thanks for the response. I still get the same error after trying that. I'll try upgrading to 9.1.7. In case I've set up something wrong, below are the relevant lines in the configuration. Do you see anything wrong?
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network obj_any
nat (inside,outside) dynamic Y.Y.Y.4
access-list acl-outside-in extended permit icmp host X.X.X.X host Y.Y.Y.4
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
09-07-2018 04:14 PM
Ok, I've upgraded to ASA version 9.1(7)7, and I still get the same error.
09-07-2018 04:28 PM
Have you done a packet capture to see if a) the echo requests are arriving at the ASA and b) if the ASA is attempting to send the response?
Also, can you ping from the ASA to the device you are trying to ping the ASA from?
09-10-2018 06:31 AM
The packet capture shows the echo request arriving, but doesn't show any attempt to respond. I just get:
X.X.X.X > Y.Y.Y.4: icmp: echo request
And I can successfully ping from the ASA to X.X.X.X (my home computer).
09-10-2018 08:31 AM
Can you post the full configuration to review?
09-10-2018 09:09 AM
09-10-2018 11:20 AM
I'm afraid that if I post the entire configuration, I'll miss some identifiable info in it.
I realized, though, that the IP assigned to the outside interface ends in .1, not .4
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address Y.Y.Y.1 255.255.255.240
I had assumed it was .4, since outside devices see the ASA at Y.Y.Y.4, including a credit card company that is trying to do a security vulnerability scan, which is why I'm doing this. If I go to any website that shows my public IP, it's the Y.Y.Y.4 one.
I am able to successfully ping Y.Y.Y.1, so hopefully the credit card PCI compliance company will accept that address. If they insist on scanning Y.Y.Y.4, then I'll still have to figure out how to ping that address. Here are my NAT rules:
object network obj-192.168.1.9
 nat (inside,outside) static Y.Y.Y.2
object network obj-192.168.1.13
 nat (inside,outside) static Y.Y.Y.3
object network TS-SERVER
 nat (inside,outside) static Y.Y.Y.7
object network obj-192.168.1.12
 nat (inside,outside) static Y.Y.Y.5
object network obj-192.168.1.193
 nat (inside,outside) static Y.Y.Y.6
object network obj_any
 nat (inside,outside) dynamic Y.Y.Y.4
object network pserver
 nat (inside,outside) static Y.Y.Y.8
object network SNVR
 nat (any,any) static Y.Y.Y.9
object network obj-192.168.120.101
 nat (inside,outside) static Y.Y.Y.11
09-10-2018 11:58 AM
09-12-2018 11:17 AM
So, it sounds like it's not going to be possible to ping a PAT external IP address, correct? But I need PAT for computers on the internal network to access the internet. So if this is the case, I guess I'll hope the credit card compliance company will be OK with an IP that has a static NAT to one of our servers.
Why is it that a cheap, basic router (a Linksys, for example) does PAT, and you can enable an option to be able to ping its external IP, the same IP that's doing the PAT?
09-10-2018 12:19 PM
Maybe this is what you are hitting:
object network obj_any
 nat (inside,outside) dynamic Y.Y.Y.4
That is the reason you see public .4 rather than .1.
It may be worth understanding the network, since you are the one who manages it day to day; we can only give advice here.
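The exchange above comes down to one distinction: Y.Y.Y.1 is an address the ASA owns (the outside interface), while Y.Y.Y.4 is only a dynamic PAT pool address, so an inbound echo request to .4 has to be un-translated through the PAT pool and, with no pre-existing xlate, is dropped with exactly the packet-tracer reason the original poster saw. The following is an added configuration example, not code from the original thread or from Cisco; it reuses the thread's X.X.X.X and Y.Y.Y.x placeholders, and the choice to PAT onto the interface address, the `icmp permit` scoping, and the capture/packet-tracer commands are my assumptions about how one would make the scanned address answer and then verify it.

```cisco
! --- As posted in the thread: the outside interface owns Y.Y.Y.1, while inside
! --- hosts are PATed to a separate pool address Y.Y.Y.4 that no interface owns.
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address Y.Y.Y.1 255.255.255.240
!
object network obj_any
 subnet 0.0.0.0 0.0.0.0
 nat (inside,outside) dynamic Y.Y.Y.4
!
! An echo request to Y.Y.Y.4 must be un-translated through the PAT pool; with
! no existing xlate for it the ASA drops it (nat-no-xlate-to-pat-pool).
! The same request to Y.Y.Y.1 is answered, because that is an interface address.
! Compare the two traces:
packet-tracer input outside icmp X.X.X.X 8 0 Y.Y.Y.4 detailed
packet-tracer input outside icmp X.X.X.X 8 0 Y.Y.Y.1 detailed
!
! --- Assumed alternative: the public IP that is scanned must also answer ping.
! PAT inside hosts onto the interface address instead of a spare pool address,
! so outside systems see the ASA at Y.Y.Y.1 for both PAT traffic and ping.
object network obj_any
 nat (inside,outside) dynamic interface
!
! To-the-box ICMP is governed by "icmp permit", not by the interface access-list.
! Replace the wide-open rule with one scoped to the scanner's address and to echo.
no icmp permit any outside
icmp permit host X.X.X.X echo outside
!
! Verify with a capture on the outside interface: both the echo request and the
! echo reply should now appear (the thread's capture showed only the request).
capture pingcap interface outside match icmp host X.X.X.X host Y.Y.Y.1
show capture pingcap
no capture pingcap
```

Switching the PAT address to the interface changes the public source IP that third parties see for all outbound traffic from inside hosts, so any remote allow-lists keyed on Y.Y.Y.4 would need updating; if that is not acceptable, the approach the original poster settled on (have the scanner target Y.Y.Y.1, or one of the static-NAT addresses that maps to a real host) avoids touching the PAT rule at all. The `access-list acl-outside-in` entry permitting ICMP to host Y.Y.Y.4 is not what controls pings to the ASA itself; it only matters for traffic passing through the firewall.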