Knowledge Center

Shred Facts:

  • Identity theft is on the rise and information-based fraud is the fastest growing crime in the U.S.
  • The U.S. Supreme Court ruled that you give up ownership of information when it is casually discarded.
  • Because of the new laws; investigative reporters are increasingly looking to the dumpster as a source of easy to find headlines.
  • The only way that having your own shredder is less expensive is if your employees don’t use it.  When your company destroys everything that it should, it is far less expensive to outsource than to shred it yourself.
  • An office with just a few employees can generate over 100 pounds of paper every month.  That means many hours spent feeding a few sheets into a small office shredder.  It is far more secure, economical and convenient to collect these materials in a security container than for you to try to keep up with it
  • Shredding yourself provides no record of compliance

 

Federal Laws


Gramm-Leach-Bliley Act (1999) Financial Services Modernization Act

This Federal legislation went into effect in 2000, the privacy provisions in the law require that financial institutions and insurance companies give consumers prior notice of an intention to share personal information and a chance to opt out of the sharing of such information. The law states that these institutions and companies need to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public information.” The language suggested in the Safeguard Rule that paper documents containing such personal information should also be protected and safely destroyed.


The Fair and Accurate Credit Transaction Act (FACTA)

In general, the Act amends the Fair Credit Reporting Act (“FCRA”) to enhance the accuracy of consumer reports and to allow consumers to exercise greater control regarding the type and amount of marketing solicitations they receive. FACT Act also establishes uniform national standards in key areas of regulation regarding handling and disposal of consumer information in the possession of all companies and organizations.


Health Insurance Portability & Accountability Act (HIPAA)

HIPAA was enacted in 1996 and the mandatory compliance date is April 14, 2003. All hospitals, doctors, pharmacies, health plans, medical billing companies and any other business entity involved in the healthcare industry must comply. The rules apply to all protected health information. The Standard for Privacy of Identifiable Health Information requires that covered entities put in place administrative, technical and physical safeguards to protect the privacy of protected health information. One example given of a safeguard for the proper disposal of paper documents containing protected health information is that the documents be shredded prior to disposal.


Federal Privacy Act of 1974

This law was established in 1974 to insure that government agencies protect the privacy of individuals and businesses with regard to information held by them and to hold these agencies liable for any information released without proper authorization.


Economic Espionage Act of 1996 (EEA)

The Economic Espionage Act is a very powerful law which helps with the enforcement of properly handling information. This law is the first federal law that defines and severely punishes misappropriation and theft of trade secrets. However, according to this Act, the government will only protect companies who take “reasonable measures” to safeguard their information.


State Specific Shredding Laws

Individual states have specific laws regarding identity theft and document destruction.


The Red Flags Rule:

Effective December 31st 2010, the Red Flags Rule requires organizations extending payment terms to customers and that have personal information on file to create a written “program” that identifies where personal customer information is vulnerable to unauthorized access or where the organization is vulnerable to ID theft. And to institute precautions to prevent ID theft and train there employees to comply with such precautions.