Home
 Documents Management  &  Destruction
 Moving & Storage
 Warehousing
 Consulting
  Who We Are
    Mission Statement
    Customer Testimonials
    Social Enterprise
    Board of Directors
    News Items
 Contact Us
 Search

FYI: Why your business may require secure document destruction

HIPAA, FACTA and Sarbanes Oxley information:

HIPAA (Health Insurance Portability and Accountability Act) and the Sarbanes-Oxley bill have boosted the need for complete and secure document shredding privacy operations. Congress passed HIPAA in 1996, and legislators further released the law in several phases in 2000. HIPAA has had an enormous impact by defining Personal Health Information (PHI). Initially, it was commonly thought that these regulations applied only to doctors and hospitals. It is now apparent that most businesses have PHI on their employment records, health benefit records and Family Medical Leave Act (FMLA) records. Since PHI is ubiquitous, organizations are justifiably cautious about privacy and certainty of document destruction. The penalties for disclosure, after all, are both civil and criminal!

Top

Congress passed the Sarbanes-Oxley Act in 2002, vastly changing the detail and scrutiny that financial documents must have. This has had the effect of forcing companies to review their document storage and destruction policies. There has been an explosion in the document destruction business – especially the high-capacity, on-site destruction of documents as soon as they are no longer under storage mandates. Office-sized shredders cannot handle the volume of material efficiently, so it is common practice to contract with outside firms for this task.

Top

According to PrivacyActs.org, “The Fair and Accurate Credit Transaction Act of 2003 (FACTA) added new sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA. (Pub. L. 108-159, 111 Stat. 1952)…. The practice known as ‘dumpster diving’ provides identity thieves with a treasure trove of personal data. Irresponsible information disposal by businesses has been cited in numerous instances of fraud. Now under new FACTA provisions consumer reporting agencies and any business that uses a consumer report must adopt procedures for proper document disposal.

Top

“The FTC, the federal banking agencies, and the National Credit Union Administration (NCUA) have published final regulations to implement the new FACTA Disposal Rule. The FTC's disposal rule applies to consumer reporting agencies as well as individuals and any sized business that uses consumer reports. The FTC lists the following as among those that must comply with the rule:

  • Lenders
  • Insurers
  • Employers
  • Landlords
  • Government agencies
  • Mortgage brokers
  • Automobile dealers
  • Attorneys and private investigators
  • Debt collectors
  • Individuals who obtain a credit report on prospective nannies, contractors, or tenants
  • Entities that maintain information in consumer reports as part of their role as service providers to other organizations covered by the rule.”

What to save? What to store off-site? What to eliminate? How to decide?
Call Harbor City Services’ Privacy Officer at 410 737 6701 for more information.


110 Alco Place, Baltimore, MD 21227, 410-737-6701 harborcityservices.com