Did you know there are actual laws regarding document privacy and paper shredding? Most small businesses and residents are not aware of the laws for the proper disposal of records containing personal information. The Massachusetts Attorney General is very serious about protecting residents and businesses from identity theft. It doesn’t matter whether the information was used in a crime or how old the documents are: the mere fact that documents were disposed of in an improper manner will find that company or individual answering to the Attorney General’s office and on the wrong side of the law. In all likelihood, they will find themselves writing a large settlement check to the State and incurring a hefty legal bill.
Fair and Accurate Credit Transactions Act (FACTA)
The Fair and Accurate Credit Transactions Act, 2003 (FACTA) was enacted in December 2003, with more specific document destruction rules coming into effect on June 1, 2005. FACTA amended the existing Fair Credit Reporting Act, providing consumers, companies, consumer reporting agencies and regulators with new tools to expand consumer access to credit, enhance the accuracy of consumer financial information, and help fight identity theft. FACTA is administered by the Federal Trade Commission (FTC).
Family Educational Rights and Privacy Act (FERPA)
The Family Educational Rights and Privacy Act (FERPA) is a federal U.S. law that protects the privacy of student education records.
Gramm-Leach-Bliley Act (GLB Act)
The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLB Act), protects the privacy of consumer information held by financial institutions and requires companies to give consumers privacy notices that explain the institution’s information-sharing practices. The Act also provides consumers with the right to limit some sharing of their information.
Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a United States federal law that requires health care organizations to “maintain reasonable and appropriate, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information.” Protected health information (PHI) includes patient medical records, patient logs, insurance, billing and other personally identifiable health information.
Sarbanes-Oxley Act (SOX)
Enacted following a series of high-profile accounting scandals in the United States, most notably Enron and WorldCom, the Sarbanes-Oxley Act of 2002 (SOX) is intended to enhance corporate responsibility and financial reporting as well as combat corporate and accounting fraud. It is one of the most complex pieces of legislation passed in the United States in recent years and includes some of the most far-reaching reforms of American business practices since the 1930s.
US Safe Harbor Program
The European Union’s Directive on Data Protection prohibits the transfer of personal data to US companies which do not meet the Commission’s standards for privacy protection.
USA Patriot Act
The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA Patriot Act) was enacted in October 2001 in an effort to “deter and punish terrorist acts in the United States and around the world, to enhance law enforcement investigatory tools and for other purposes.”