Servicing Baltimore, Philadelphia, Washington DC, New York, and surrounding regions.

Confidential paper document (and other media such as computer tape and hard drives) destruction is a legislative driven concern for all businesses designed to protect consumer information. Strict federal and state legislation has resulted in an acute awareness and close attention in management of security procedures surrounding the concern over Identity Theft and safeguard of other corporate proprietary records. The laws have clearly stated that custody of these files includes responsibility in proper handling and destruction. Some industries, particularly banking, finance, insurance, medical and consumer related businesses are specifically regulated, however, anyone who handles private data is subject to the laws and subsequent penalties. Many firms consider the fines imposed to be minor compared to the serious negative effect on their business should the public be aware of a breach in security.

Tens of millions of Americans are victims of Identity Theft each year resulting in billions of dollars in cost. A large percentage (in excess of 60%) of those losses are attributable to off-line methods such as dumpster diving, compared to only slightly more than 10% from on line internet schemes.

A simple, low cost practice to routinely shred end-of-cycle confidential files is an area where Mobile Data Shredding, Inc. will be of value to you.

Negligent mishandling of waste documents has resulted in the enactment of laws designed to protect the privacy of businesses and individuals. A few of those laws are listed below:

 

PRIVACY LEGISLATION AND REGULATORY GUIDANCE

Federal Legislation

The Federal Government has stepped in and aggressively legislated several statutes to protect individual privacy as well as requirements for businesses to take appropriate measures to dispose of sensitive information.

  • The Fair and Accurate Credit Transaction Act (FACTA) applies to all organizations that obtain and maintain private individuals' data including credit reports, credit scores, employment background, check writing history, insurance claims, residential and medical history.
  • The Gramm-Leach-Bliley Act (GLB) specifically addresses financial institutions' and insurance companies' obligations to "respect the privacy of its customers and to protect the security and confidentiality of those customers' non-public information."
  • The Health Insurance Portability and Accountability Act (HIPAA) pertains to the medical field; the privacy of patient health records as well as appropriate safeguards and destruction of those records prior to disposal.

State Legislation

Many of the states have enacted similar laws adopting and further confirming Federal Law, as well as imposing significant fines for violations.

  • The Maryland Consumer Protection - Personal Information Protection Act of 2008 is summarized as: "When a business is destroying a customer's records containing the customer's personal information, the business must take reasonable steps to protect against unauthorized access to or use of the personal information, taking specified considerations into account."
  • The Pennsylvania Breach of Personal Information Notification Act of 2006 states that businesses are required to notify individuals whenever their personal information has been released to unauthorized parties and when such a breach in security has caused a loss to a Pennsylvania resident. This act addresses the guardianship responsibilities with paper and computerized customer data.
  • The New Jersey Identity Theft Prevention Act of 2006 (ITPA) is designed to protect individual privacy by notifying those whose data has been violated and initiating freezes on consumer reporting functions when necessary. Specifically, data destruction requirements are addressed.
  • The New York Information Security Breach and Notification Act of 2005 applies to any individual or business operating in the state of New York. Requirements are to notify individuals whenever their personal information has been released to unauthorized parties and when such a breach in security has caused a loss. This act addresses the guardianship responsibilities with paper and computerized customer data.
There are many other Federal and State Laws and Regulations associated with and specific to safe, proper and secure management of private documents and information while in the custody of corporate organizations. Feel free to contact us for more information with regard to any specific state's legislation, classification of business or other legal requirements.