Security & Compliance
Call Us Today For Your Shredding Estimate
Security
Identity theft is considered to be the fastest growing crime in America. The FBI estimates its cost to U.S. corporations at $24 billion annually! There have been various legislation aimed at preventing Identity theft. Medical, financial, and even general businesses are required to take protective measures in the disposal of confidential information. The links below may be helpful in determining what your business needs to do:
Privacy Legislation
Identity theft is considered to be the fastest growing crime in America. The FBI estimates its cost to U.S. corporations at $24 billion annually!
There have been various legislation aimed at preventing Identity theft. Medical, financial, and even general businesses are required to take
protective measures in the disposal of confidential information. The links below may be helpful in determining what your business needs to do!
Compliance
FACTA
The Fair and Accurate Credit Transactions Act protects safe disposal of consumer information. Any business that maintains consumer information must “take reasonable measures to protect against unauthorized access or use of the information in connection with its disposal.” FACTA requires burning, pulverizing or shredding, with noncompliance resulting in federal (up to $2,500 per violation) and state (up to $1,000 per violation) fines, civil liability ($1,000 per employee) and class action lawsuits.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 ensures that U.S. healthcare organizations safeguard patient information and privacy including secure disposal of any personal information. HIPAA noncompliance can result in criminal penalties reaching $250,000 and up to 10 years in prison and civil fines of up to $25,000 a year.
GLB
Gramm-Leach-Bliley requires banking and financial institutions across the United States to describe how they will protect the confidentiality and security of consumer information. GLB noncompliance can result institutional civil penalties of up to $100,000 for each violation, personal civil liability by officers and directors of up to $10,000, class-action lawsuits and imprisonment for up to five years.
EEA
The Economic Espionage Act of 1996 establishes monetary fines for the misappropriation and theft of trade secrets for companies who do not take “reasonable measures” such as secure document destruction to safeguard their information. A defendant convicted for theft of trade secrets under Section 1832 of the EEA an be imprisoned for up to 10 years and fined $500,000. Corporations and other establishments can be fined up to $5 million.
SOX
Sarbanes-Oxley Act of 2002 requires U.S. public companies to maintain information and records management policies and procedures and to halt regular document destruction if they expect the company will face a government investigation, audit or other official proceedings.
State Legislation – Pennsylvania
Pennsylvania Senate Bill 713, the Breach of Personal Information Notification Act, requires any business that operates in the state of Pennsylvania and stores confidential consumer data to notify individuals when a security breach results in their personal information being released to unauthorized parties.