Titan Logo (226 x 81)
Service Recommendation

Laws and Regulations

TITAN helps you comply with all laws and regulations – NAID AAA Certification, Compliance Toolkit, Employee Training and CSDS® on staff. Call us now for compliance assistance – 866-TITAN-99

The Fair and Accurate Credit Transaction Act (FACTA – 2003) 

  • Enhance the accuracy of consumer reports.
  • Allow consumers to exercise greater control regarding the type and amount of marketing solicitations they receive.
  • Establishes uniform national standards in key areas of regulation regarding handling and disposal of consumer information in the possession of all companies and organizations

Gramm-Leach-Bliley Act – Financial Services Modernization Act (GLB – 1999)

  • The privacy provisions require that financial institutions and insurance companies give consumers prior notice of an intention to share personal information and a chance to opt out of the sharing of such information.
  • The law states that these institutions and companies need to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public information.”
  • The Safeguard Rule recommends that paper documents containing such personal information should be protected and safely destroyed.
  • This Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information.
  • The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions — such as credit reporting agencies — that receive customer information from other financial institutions.

Health Insurance Portability & Accountability Act (HIPAA – 1996)

  • All hospitals, doctors, pharmacies, health plans, medical billing companies and any other business entity involved in the healthcare industry must comply with this act.
  • The rules apply to all protected health information.
  • The Standard for Privacy of Identifiable Health Information requires that covered entities put in place administrative, technical and physical safeguards to protect the privacy of protected health information.
  • One example given of a safeguard for the proper disposal of paper documents containing protected health information is that the documents be shredded prior to disposal.

American Recovery and Revitalization Act (ARRA – 2003)

  • Includes HITECH modifications to HIPAA; breach notification and fines up to $50,000 per violation.
  • Health and Human Services Final Omnibus Rule 2013 – Shredding companies defined as Business Associates.

New Jersey Identity Theft Prevention Act (2006)

  • Applies to businesses and public agencies, they are required to minimize the risk of identity theft.
  • Must destroy customer records that contain private personal information that are no longer retained.
  • Records must be shredded, erased or otherwise modified to make personal information unreadable .

Federal Privacy Act of 1974 (updated DOJ 2015)

  • Established to insure that government agencies protect the privacy of individuals and businesses with regard to information held by them.
  • It holds these agencies liable for any information released without proper authorization.

Economic Espionage Act of 1996 (EEA)

  • This law is the first federal law that defines and severely punishes misappropriation and theft of trade secrets.
  • According to this Act, the government will only protect companies who take “reasonable measures” to safeguard their information.
  • The United States Supreme Court has ruled that, once discarded, items left for waste collection are no longer protected as private property.

Family Educational Rights and Privacy Act (FERPA – 1974)

  • Federal law that protects the privacy of student education records.
  • The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

Sarbanes Oxley Act (SOX – 2002)

  • Enacted after Enron and Worldcom financial scandals to increase corporate responsibility and financial reporting to combat fraud.
  • Applies to public companies based in the United States or traded on the US stock exchanges.
  • Requires a written record information management policy and procedures, including the process and procedures for proper document destruction.
  • If convicted of violating, strict fines and imprisonment of up to 20 years.

Payment Card Industry Data Security Standard (PCI-DSS) – (2006, updated 2015)

  • Verify that hard copy materials are crosscut shredded, incinerated, or pulped such that there is reasonable assurance the hard-copy materials cannot be reconstructed.
  • Examine storage containers used for information to be destroyed to verify that the containers are secured. For example, verify that a-to-be-shred container has a lock preventing access to its contents.
  • Verify that cardholder data on electronic media is rendered unrecoverable via a secure wipe program in accordance with industry-accepted standards for secure deletion, or otherwise physically destroying the media (e.g., degaussing).

Check Clearing for the 21st Century (Check 21 Act – 2004)

  • Allows banks to make check processing fast and more efficient by handling more checks electronically.
  • Bank and other financial institutions must establish a retention and destruction policy for the checks and substitute checks in paper or electronic format.
  • Checks are typically retained at the branch-level prior to secure destruction.


  • NAID AAA Certified Destruction Company

  • 100 Philadelphia Logo

  • We recycle logo

  • Fastest Growing Companies Logo

  • Click to Verify Certification

Get in touch

Recent News

Personal Document Shredding Guidelines

Know What to Keep and What to Shred How often do you find yourself emptying out your wallet or handbag, simply because it … Read More...

Service Update

We are all experiencing very challenging times as a result of the ongoing Coronavirus/COVID-19 situation. The TITAN Mobile … Read More...

View All News....

Contact Us

  • This field is for validation purposes and should be left unchanged.