Quite a few laws have been enacted to help keep protected information from getting into the wrong hands. In addition to the customer fallout and lawsuits that may occur following a security breach, companies may also face stiff fines and penalties for not having a secure document destruction plan in place. Several of the most prominent laws are listed below:
• FACTA - The Fair and Accurate Credit Transactions Act
• HIPAA - The Health Insurance Portability and Accountability Act
• GLB - The Gramm-Leach-Bliley Act
FACTA, also known as the Fair and Accurate Credit Transactions Act, affects every business in the United States. The “Final Ruling” enacted in November of 2004 is designed to limit the risk of identity theft and consumer fraud. Any person or business that possesses consumer information must take reasonable measures to protect against unauthorized access or use of the information in connection with its disposal. FACTA defines “proper disposal” as burning, pulverizing, or shredding.
Penalties, fines, and financial losses for noncompliance are steep:
• Federal Fines up to $2,500 per violation. This means that just one “un-shredded” box of old customer data could result in dozens of violations and cost your company tens of thousands of dollars.
• State Fines of up to $1,000 per violation.
• Punitive damages through class-action lawsuits.
• Civil Liabilities. If identities are stolen or lost due to lack of protective procedures or corporate negligence, actual or statutory damages totaling thousands of dollars could be awarded.
• Loss of Customers. A recent study has shown that the negative publicity created by a security breach causes a significant loss of customers.
Michigan Shredding will help you establish a secure information destruction program to help you comply with FACTA. Call us today: (866) 708-0726.
HIPAA, also known as the Health Insurance Portability and Accountability Act (1996), was enacted to ensure the responsible handling of patient information. It mandates that healthcare information be securely transmitted, securely stored, and then securely destroyed. HIPAA noncompliance opens the door not only to serious fines and penalties, but also to expensive lawsuits and negative publicity. Michigan Shredding will help you establish a secure information destruction program which complies with HIPAA. Call us today: (866) 708-0726.
GLB, also known as the Gramm-Leach-Bliley Act (1999), was enacted to ensure the responsible handling of consumer information. It mandates that all banking and financial institutions securely transmit, securely store, and securely destroy consumer information. In addition to banks and credit unions, the term “financial institution” has been extended to include other businesses such as:
• Check-Cashing & Pay-Day Loan Businesses
• Mortgage Brokers
• Real Estate Appraisers
• Tax Preparers
• Auto Leasing Companies
• Courier Services
• Insurance Companies
The provisions of GLB essentially apply to any business, regardless of size, that is “significantly engaged in providing financial products or services”. If you collect consumer personal information, you need to have a system in place to securely store it and destroy it. GLB noncompliance opens the door to serious fines and penalties (up to $100,000 for each violation), expensive lawsuits, and negative publicity. Michigan Shredding will help you establish a secure information destruction program to help you comply with GLB. Call us today: (866) 708-0726.