Laws and Regulations
Avoid Liability With Proper Document Shredding Laws
There are many laws in effect that require businesses to protect the privacy of their clients. Not knowing these laws does not relieve your business of legal and financial consequences.
Breaking these laws is as easy as throwing a piece of paper in the trash that has private information on it. American Document Shredding can help you establish the correct document retention and shredding policies and practices for your business.
For your convenience, American Document Shredding has listed our most Suggested Retention Period Guidelines. Please note that this is only a general guide and each state, industry, and company’s actual period guidelines must be determined individually. Considerations should be federal and state guidelines as well as your own operational needs. You may need to consult your legal adviser for a more detailed guide.
Briefly described below are several of the federal laws and their requirements.
The Economic Espionage Act
This act, passed in 1996, concerns trade secrets and the theft thereof. While it is certain that you would not knowingly try to steal trade secrets, the act does not make it clear that large fines and possibly imprisonment await any person or organization who, “without authorization, copies, duplicates, sketches, drawings, photographs, downloads, uploads, alters, destroys, photocopies, replicates, transmits, delivers, sends, mails, communicates, or conveys a trade secret.” As this applies to throwing a trade secret in a public garbage storage, shredding information related to trade secrets is extremely important. It is also very cost effective, especially considering that organizations that violate this act can be fined as much as 10 million dollars!
Health Insurance Portability and Accountability Act (HIPAA)
This federal law passed by Congress in 1996 and the accompanying 2002 regulation known as the Privacy Rule, applies to all healthcare entities and restricts how healthcare providers may handle and disclose personal Protected Health Information (PHI). PHI is defined as any identifiable health, medical or demographic information that describes the individual’s personal identity. This includes – but is not limited to – name, address, phone number, e-mail, photographs, charts, tests, records, etc. In general, healthcare entities must ensure that only approved personnel handle protected health information, and only for purposes specified in the law and regulation.
The Gramm-Leach-Bliley Act
This 1999 act was instituted to modernize financial institutions and businesses that receive personal information in the course of conducting business. This law contains the Financial Privacy Rule, which requires financial institutions to provide their customers with comprehensive privacy notices. The act also includes the Safe-gaurds Rule, which requires all financial institutions to establish through standards and safe-gaurds for handling and disclosure of that information.
Fair and Accurate Credit Transactions Act (FACTA)
Effective June 2005, the Fair and Accurate Credit Transactions Act of 2003 was designed to protect customers and consumers from increasingly common crime identity theft. This particular law applies to every business in America that collects customer information, to ensure that the information is protected from unauthorized access or use. In addition, the Disposal Rule requires that when such information is discarded, it must be appropriately destroyed by shredding, burning or pulverizing.
The Sarbanes-Oxley Act
The Sarbanes-Oxley Act was passed in 2002 in response to many of the corporate and securities fraud violations that were making news at the time. It is extremely detailed, and implements a wide range of requirements that companies must abide by. Within this rule, it is clearly defined that the “destruction, alteration, or falsification of records in Federal investigations and bankruptcy,” along with the “destruction of corporate audit records” are illegal, and could possibly result in large fines and as many as 10 years of imprisonment.
Shredding documents is not to be taken lightly – if not carefully considered, shredding information can be a devastating mistake. We at American Document Shredding, are the perfect solution for ensuring that your documents are handled properly, American Document Shredding will even send our experts to your location to handle the destruction of your important information.