Does your business violate the FACTA disposal rule?

02
Dec
2019
42 Views

The FACTA Disposal Rule is designed to prevent the unauthorized access to – or use of – information in a consumer report. Is your business compliant?

When people think of business regulation, the Securities and Exchange Commission or HIPAA may come to mind first. But just because you are not in the healthcare industries, that does not mean your business is off the hook when it comes to secure destruction of confidential information. On June 1, 2005, The Federal Trade Commission (FTC) enacted The Disposal Rule which requires businesses to take appropriate measures to dispose of sensitive information derived from consumer reports. Any business (or individual) who uses a consumer report for a business purpose is subject to the requirements of the Disposal Rule. The FTC also encourages businesses who deal with any records containing a consumer’s personal or financial information to take similar protective measures. Businesses who are subjected to the FACTA Disposal Rule include, but are not limited to, the following:

  • consumer reporting companies,
  • lenders,
  • insurance companies,
  • landlords,
  • government agencies,
  • automotive dealers,
  • attorneys, and
  • debt collectors.

Businesses of all sizes, as well as individuals who may pull consumer reports on prospective home employees such as nannies or care givers, are included. According to the FTC, “The Fair Credit Reporting Act defines the term consumer report to include information obtained from a consumer reporting company that is used – or expected to be used – in establishing a consumer’s eligibility for credit, employment, or insurance, among other purposes.”

The Disposal Rule is designed to prevent the unauthorized access to – or use of – information in a consumer report. The way in which this confidential information is destroyed is more flexible than some of the other governing bodies. The FTC considers burning, pulverizing, or shredding papers and destroying or erasing electronic files or media containing consumer report information so that the information cannot be read or reconstructed. The FTC also allows businesses to conduct due diligence and hire a document destruction contractor to dispose of material specifically identified as consumer report information consistent with the Rule. The FTC states that “Due diligence could include: reviewing an independent audit of a disposal company’s operations and/or its compliance with the Rule; obtaining information about the disposal company from several references; requiring that the disposal company be certified by a recognized trade association; or reviewing and evaluating the disposal company’s information security policies or procedures.”

There are penalties associated with breaking the Disposal Rule range from the thousands for state and federal penalties to millions of dollars in the form of a class action lawsuit (see: Equifax for proof of that!).

SRS helps many businesses stay compliant through our shred program. We provide you a secure shredding container to your office based on your volume needs. Each bin is equipped with a locking system that makes them secure to protect your sensitive files until they are destroyed. Then, on a regularly scheduled basis, typically every 1-4 weeks, one of our friendly, uniformed drivers will come to pick up your shredding. Our shredding process is NAID AAA-certified, meaning it meets  the industry’s most-stringent requirements and is subject to random audits by NAID to ensure compliance.

If you’re reading this and realize that you have files that need to be destroyed in order to become compliant with the Disposal Rule, we also offer one-time purges to destroy lots of documents at once. At SRS, we believe that the cost of a regular shred program is much cheaper than the cost of a breach, not only in terms of dollars, but in terms of your reputation. Please contact us today to find out if we can help your business adhere to the FACTA Disposal Rule.

 

LEAVE A COMMENT

Our Latest Consulting Insights

Tifton CEO: Secure Records Solutions Merges with ShredEZ

Tifton CEO recently shared a media release regarding Secure Records Solutions’ merger with ShredEZ out of Adel, Georgia: Tifton CEO reports that Secure Records Solutions (SRS) is a family owned and operated document management company headquartered in Thomasville, Georgia. The merger with ShredEZ, the first […]

Read More

Does your business violate the FACTA disposal rule?

The FACTA Disposal Rule is designed to prevent the unauthorized access to – or use of – information in a consumer report. Is your business compliant? When people think of business regulation, the Securities and Exchange Commission or HIPAA may come to mind first. But […]

Read More

EMR, Electronic Medical Record, EHR, Electronic Health Record, HIPAA, Scanning Medical Records, Thomasville, Tallahassee, Albany, Valdosta, Tifton, Dothan, Jacksonville, Atlanta, AHIMA, GHIMA, FHIMA

HomeTown Health 2019 Executive Leadership Program

Christopher P. Jones, Secure Records Solutions Partner, among 12 HomeTown Health Graduates of 2019 Executive Leadership Program Twelve individuals from Georgia rural hospitals and supporting organizations graduated from the HomeTown Health 2019 Executive Leadership Program. This group of individuals was recognized at the graduation and […]

Read More

How To Solve Your Office’s Space Issue

Does your office have a space issue? Hint: It’s actually a management issue! Recently, a potential client called me up and said they needed SRS to help them immediately. It was urgent – the practice’s office was literally running out of room. We, of course, […]

Read More

Which is the Best Shredding Solution for Your Business?

Secure Records Solutions currently offers two shredding solutions: mobile (onsite) and offsite.  Which is the best shredding solution for your business? In this blog, we detail the process for each method, and share the differences and similarities of each to help you choose which is […]

Read More

Secure Records Solutions Merges with ShredEZ of Adel, GA

As of October 2019, Secure Records Solutions has merged with ShredEZ. Secure Records Solutions is a family owned and operated document management company headquartered in Thomasville, Georgia. Founded in 2003, SRS is Southwest Georgia’s premier shredding company, known for our legendary client experience, highly accredited […]

Read More

How Can Your Office Reduce Its Paper Waste?

Did you know that the average office employee uses about 10,000 sheets of paper each year? If your office has 25 employees, that means your office goes through 250,000 pieces of paper annually.  Staggering, right?  If you use a desktop shredder and attempt to recycle […]

Read More

How Does the HIPAA Privacy Rule Apply to Paper Medical Records?

When the HIPAA Privacy Rule was established in 2003, it was intended to deal with privacy surrounding digital records; therefore, specific language surrounding the management of paper records is vague. While most practitioners are moving toward electronic records, many historical records remain in hard copy […]

Read More

phishing

Five Ways to Detect a Phishing Email Scam

Gone Phishing? It could lead to disastrous results. According to Symantec’s 2018 Internet Security Threat Report (ISTR), the average user receives 16 malicious spam emails or phishing attempts per month. Over the course of the year, that’s nearly 200 chances to accidentally give away a password, […]

Read More

scanning

What benefits does outsourced document scanning offer?

To Scan or not to scan, that is the question. For many rural hospitals, financial institutions, or businesses in highly-regulated industries, “just scan everything” is often the answer. While it’s seemingly the obvious solution, it’s never the easiest, and, in many times, it’s the most […]

Read More