“WHAT ARE THE LEGAL REQUIREMENTS?”
The Privacy Act of 1974 was established to:
- Insure that government agencies protect the privacy of individuals and businesses with regard to the information held by them
- Hold these agencies liable if information is released without the authorization of the individual
- Ensure that consumer records are securely destroyed
The Health Insurance Portability and Account Act (HIPPA):
- Is intended to safeguard the privacy of patient health records
- Provides stiff penalties for companies and/or individuals found to be in violation of HIPAA regulations
The Gramm-Leach-Bliley Act (GLB):
- Compels financial institutions to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public personal information.”
- Suggests that paper documents containing such personal information should also be protected when in use and safely destroyed when no longer current and usable.
Fair and Accurate Credit Transactions Act (FACTA):
- Contains a number of mandates intended to combat consumer fraud and related crimes, including identity theft.
- Requires the destruction of all paper documents containing identifiable consumer information.
- “Any person who maintains or otherwise possesses consumer information, or any compilation of consumer information, for business purposes must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.”
Sarbanes-Oxley Act (SOX):
- Protects investors by improving the accuracy and reliability of corporate disclosures
made pursuant to the securities laws, and for other purposes.
- According to the Federal Trade Commission and the Better Business Bureau, approximately 9.3 million adults have been victimized by some form of identity theft annually.
- The Better Business Bureau reports that identify theft is more prevalent offline with paper than online.
- The Better Business Bureau estimates that over 80% of all identity theft comes from unsecured paper records; less than 5% from online transactions.