Better known as FACTA, it made sense afterward… and it is practical now.
As Robert Johnson, long time executive director of the National Association for Information Destruction (NAID) said in a statement: “Shredding documents and properly destroying computer files and hard drives can help ensure that records containing sensitive personal and fiscal information do not fall into the wrong hands.”
Identity theft is the top consumer complaint in the national standing of consumer complaints to the FTC.
FACTA is obviously an amendment to permit consumers to provide feedback to help reduce identity theft and to obtain a duplicate of their credit reports annually.
The disposal rule section says that all businesses or people who collect consumer information that is sensitive from a consumer report for a business purpose must correctly destroy that information when it isn’t any longer needed. The objective is always to minimize the possibility of dumpster divers locating business records that are discard and using that information.
Here is what businesses must understand:
Contrary to other privacy laws that influence just one sector, the law applies to virtually every business and private employer. For example, the following types of companies all handle sensitive consumer information: consumer reporting agencies, re-sellers and real estate brokerages.
Private information in the context of the law refers to files for example credit history, credit scores, employment background reports, check-writing medical histories, insurance claims, residential or tenant records, and histories.
Businesses must take ‘reasonable measures’ to protect information from unauthorized access in connection to its disposal. The FTC urges that companies set an info security policy in place that ensures that identity thieves can’t recreate sensitive data. Many security specialists urge shredding documents. Here is advice about file destruction best practices.
There are fines and punitive damages for non-compliance.
Documents, which contain personal information clearly tagged with destruction dates as part of a comprehensive document management policy, must be monitored.
Partnering using a dependable professional shredding service will safeguard documents from the time they’re discarded into locked high security containers to the time they have been removed for protected shredding on or off site.
The information security policy should include e-media and hard disk destruction also.