Laws and Regulations

TITAN helps you comply with all laws and regulations – NAID AAA Certification, Compliance Toolkit, Employee Training and CSDS® on staff. Call us now for compliance assistance – 866-TITAN-99

The Fair and Accurate Credit Transaction Act (FACTA – 2003) 

  • Enhances the accuracy of consumer reports.
  • Allows consumers to exercise greater control regarding the type and amount of marketing solicitations they receive.
  • Establishes uniform national standards in key areas of regulation regarding handling and disposal of consumer information in the possession of all companies and organizations.

Gramm-Leach-Bliley Act – Financial Services Modernization Act (GLB – 1999)

  • The privacy provisions require that financial institutions and insurance companies give consumers prior notice of an intention to share personal information and a chance to opt out of the sharing of such information.
  • The law states that these institutions and companies need to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public information.”
  • The Safeguards Rule recommends that paper documents containing such personal information should be protected and safely destroyed.
  • The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information.
  • The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions — such as credit reporting agencies — that receive customer information from other financial institutions.

Health Insurance Portability & Accountability Act (HIPAA – 1996)

  • All hospitals, doctors, pharmacies, health plans, medical billing companies and any other business entity involved in the healthcare industry must comply with this act.
  • The rules apply to all protected health information.
  • The Standard for Privacy of Identifiable Health Information requires that covered entities put in place administrative, technical and physical safeguards to protect the privacy of protected health information.
  • One example given of a safeguard for the proper disposal of paper documents containing protected health information is that the documents be shredded prior to disposal.

American Recovery and Revitalization Act (ARRA – 2003)

  • Includes HITECH modifications to HIPAA; breach notification and fines up to $50,000 per violation.
  • Health and Human Services Final Omnibus Rule 2013 – Shredding companies defined as Business Associates.

New Jersey Identity Theft Prevention Act (2006)

  • Applies to businesses and public agencies, which are required to minimize the risk of identity theft.
  • They must destroy customer records containing private personal information when those records are no longer to be retained.
  • Records must be shredded, erased or otherwise modified to make personal information unreadable.

Federal Privacy Act of 1974 (updated DOJ 2015)

  • Established to ensure that government agencies protect the privacy of individuals and businesses with regard to information held by them.
  • It holds these agencies liable for any information released without proper authorization.

Economic Espionage Act of 1996 (EEA)

  • This law is the first federal law that defines and severely punishes misappropriation and theft of trade secrets.
  • According to this Act, the government will only protect companies who take “reasonable measures” to safeguard their information.
  • The United States Supreme Court has ruled that, once discarded, items left for waste collection are no longer protected as private property.

Family Educational Rights and Privacy Act (FERPA – 1974)

  • Federal law that protects the privacy of student education records.
  • The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

Sarbanes Oxley Act (SOX – 2002)

  • Enacted after the Enron and WorldCom financial scandals to increase corporate responsibility and financial reporting to combat fraud.
  • Applies to public companies based in the United States or traded on U.S. stock exchanges.
  • Requires a written record information management policy and procedures, including the process and procedures for proper document destruction.
  • Conviction for a violation carries strict fines and imprisonment of up to 20 years.

Payment Card Industry Data Security Standard (PCI-DSS) – (2006, updated 2015)

  • Verify that hard copy materials are crosscut shredded, incinerated, or pulped such that there is reasonable assurance the hard-copy materials cannot be reconstructed.
  • Examine storage containers used for information to be destroyed to verify that the containers are secured. For example, verify that a “to-be-shredded” container has a lock preventing access to its contents.
  • Verify that cardholder data on electronic media is rendered unrecoverable via a secure wipe program in accordance with industry-accepted standards for secure deletion, or otherwise physically destroying the media (e.g., degaussing).

Check Clearing for the 21st Century (Check 21 Act – 2004)

  • Allows banks to make check processing faster and more efficient by handling more checks electronically.
  • Banks and other financial institutions must establish a retention and destruction policy for the checks and substitute checks in paper or electronic format.
  • Checks are typically retained at the branch-level prior to secure destruction.
