Legal Information

Legal Issue for Secure Document Destruction

Red Flag Rules 2009

Fighting Fraud with the Red Flags Rule: A How-to Guide for Business www.redflagrules.net
www.ftc.gov/redflagsrule
www.fdic.gov

HIPAA & HIPAA/HITECH 2009

The Health Insurance Portability and Accounting Act (HIPAA), enacted by the federal government in 1996, is intended to safeguard the privacy of patient health records. The law provides for stiff penalties for companies found to be in violation of HIPAA regulations.

A full text of HIPAA regulations is available from the U.S. Department of Human Services.

www.hipaa.com
www.hipaaacademy.net
www.realtime-itcompliance.com
www.hipaa.org

Gramm Leach Bliley Act

Gramm Leach Bliley (GLB), is another federal law with a much broader scope than HIPAA. This law was designed to compel financial institutions to "respect the privacy of its customers and to protect the security and confidentiality of those customers' non-public personal information." This language suggests that paper documents containing such personal information should also be protected when in use and safely destroyed when no longer current and usable.

www.ftc.gov
www.sec.gov
www.consumerprivacyguide.org
www.banking.senate.gov

FACTA

The Fair and Accurate Credit Transaction Act (FACTA), was signed into federal law in December 2003. It contains a number of mandates intended to combat consumer fraud and related crimes, including identity theft. Specifically, it requires the destruction of all paper documents containing identifiable consumer information.

Section 682.3 of the law states: “Any person who maintains or otherwise possesses consumer information, or any compilation of consumer information, for business purposes must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.”

Shredding of such documents “so that the information cannot be practicably be read or reconstructed” meets the law’s standard.

www.fdic.gov
www.privacyrights.org
www.ftc.gov

Additional Links

National Association of Information Destruction — www.naidonline.org
The Authority on Managing Records and Information — www.arma.org