PROSHRED® San Francisco Bay Area Shredding
California Privacy Laws
According to the FTC, since 2014 more than 1,000,000 people have become victims of fraud or other complaints in California. That’s nearly a quarter of metropolitan San Francisco, or about as many people as have attended a San Francisco 49ers home game from 2015 until the 2017 season. What is even more terrifying is that nearly 40,000 people were victims of identity theft in 2014. Those numbers are staggering and, unfortunately, this is one of the fastest-growing crimes in California, with no end in sight. Most of the time, identity theft is entirely preventable and can easily be avoided by the proper destruction of paper documents, files or hard drives.
This is why our California State lawmakers are making urgent efforts to protect the state’s citizens. Since the mid-1970s, lawmakers have implemented several Acts and laws to eliminate this growing security threat. The goal of these Acts and laws is to ensure every government office, business, law enforcement agency and healthcare facility keeps the private information of those who utilize their services secure. Anyone who is found to be in breach of these laws will be subjected to huge fines and massive penalties.
In short, it is your obligation to protect your customers’ and employees’ private information, and yourself!
This resource page will explain many different privacy acts, both state and federal, that must be complied with.
Important Compliance Information
Fair and Accurate Credit Transactions Act (FACTA)
FACTA is the Fair and Accurate Credit Transactions Act. This is a federal law that applies to every business in the great State of California and throughout the United States. FACTA was created to reduce and eliminate the risk of fraud as well as identity theft. Any business or company that incorrectly disposes of confidential information can be subjected to extremely high fines of up to $2500 per file.
Health Insurance Portability and Accountability Act (HIPAA)
HIPAA is the Health Insurance Portability and Accountability Act. This federal act applies to every hospital, medical clinic or dental office that stores the confidential information of its patients, and each of these institutions must comply with it. The goal of this act is to keep patient records secure and confidential while they are in storage. HIPAA also applies to the proper destruction of patient files when they no longer need to be stored.
Gramm-Leach-Bliley Act (GLBA)
GLBA is the Gramm-Leach-Bliley Act, an act specifically designed for financial institutions in the State of California, but GLBA also applies to any business or company that handles customer information. The purpose of this act is to protect the financial information of customers and penalize any business or bank that fails to do so. All financial institutions and businesses are required to design, implement and maintain safeguards to protect customer information from the hands of identity thieves.
Sarbanes-Oxley Act (SOX)
SOX is the Sarbanes-Oxley Act of 2002 and it is a mandatory act that every organization must comply with, regardless of their size. It was put in place to protect investors from the potential threat of fraudulent accounting activity by corporations. The SOX Act emphasized strict changes as a means of improving financial disclosures from corporations, and to prevent accounting fraud in general.
Economic Espionage Act (EEA)
EEA is the Economic Espionage Act. It was designed by Congress with the goal of making misappropriation of trade secrets a federal crime. It is extremely important to make this law a critical part of your disposal process or your business could be subjected to some pretty significant fines or penalties.
Family Educational Rights & Privacy Act (FERPA)
FERPA is the Family Educational Rights and Privacy Act and it is designed to help protect the private information and records of students who attend schools in the great State of California. This Federal Act applies to every educational institution that receives funding from California’s Department of Education and these institutions must remain in compliance with this Act.
California Senate Bill 1386
California Senate Bill 1386 was designed so that every agency, person or business in California that owns or licenses computerized personal information properly discloses any breach of its security. The information this Bill is designed to protect includes but is not limited to printed Social Security numbers, employee IDs, bank statements or any other potentially identifying documents.
California Online Privacy Protection Act of 2003 (COPPA)
COPPA is the California Online Privacy Protection Act of 2003. This act was created for any operator of a commercial website that collects the confidential information of people who use its services. Because most private data is stored on servers or computer hard drives and California is synonymous with Silicon Valley, our lawmakers recognized the need to protect online user information. This act is yet another reason why it is so important to shred all of your old hard drives, especially if you collect client information online, because there are some extreme fines and penalties imposed on any person or business found not to be in compliance.
The Privacy Act of 1974
The Privacy Act of 1974 was created specifically for every government institution in the State of California that stores confidential information. These confidential records must be securely stored in order to prevent data breaches and, when the time comes, these files must be shredded to remain in compliance with this act.
California “Shine the Light” Law
The California “Shine the Light” Law became part of the California Civil Code in 2005. The main purpose of this State Law is to protect the confidential information of any person who has shared their private data with a business. If that business wants to share customer data it has collected with other companies, it must do so in compliance with the California “Shine the Light” Law. All confidential data becomes the responsibility of the business that ‘owns’ it, and the law requires that business to properly store and securely dispose of this information.