Florida’s Leader for Confidential Paper Shredding and Data Destruction
24 Hour Service Response: 1-800-838-3840
We Provide High Security Services for High Security Needs
ShredAssured provides Confidential Document Destruction and Paper Shredding Services
to clients throughout South Florida.
Contact us for Prompt, Professional Service in the following South Florida Counties: St. Lucie, Martin, Palm Beach, Broward, Miami-Dade, Monroe,
Collier, Lee, Hendry, Charlotte and Glades.
5407 N. Haverhill Rd., Ste. 340 | West Palm Beach, FL 33407
Phone: 561-753-4414 | Toll-Free: 1-800-838-3840
On the Web: | | | | |
Copyright © 2003-2012 ShredAssured, Inc. All Rights Reserved
Locally Owned - Professionally Operated
ShredAssured will customize one of our Secure Shredding Services to meet your needs, then pick up your material as often as you require.
ShredAssured is committed to protecting our environment with our Recycling Programs. It’s Safe, Secure and Environmentally Responsible.
Rest Assured With ShredAssured - Protecting Your Privacy Is Our #1 Priority!
Commercial, Residential & Drop-Off Paper Shredding Services
ShredAssured provides FREE locking Security Containers that can help you secure your records On-Site until they can be permanently destroyed.
> Shredding Laws and Regulations
Shredding Laws and Regulations
Could your company survive a lawsuit?
Various state, federal and international regulations govern the protection of private information. Disclosing private information — even by accident — could be grounds for a lawsuit. A secure, reliable shredding program will assist you in remaining legally compliant with privacy laws.
The following is an overview of the three main Federal laws and regulations that companies and organizations must be in compliance with. At ShredAssured, we stay abreast of these ever changing laws and how they affect the Data Destruction industry. You can count on us to protect your privacy and always keep you in compliance with them.
• The Fair and Accurate Credit Transactions Act (FACTA)
What is FACTA?
Signed into law on December 4, 2003, the Fair and Accurate Credit Transactions Act (FACTA) is federal legislation aimed at the prevention and penalization of consumer fraud and identity theft. Administered by the Federal Trade Commission (FTC), the FACTA Disposal Rule has been in effect since June 1, 2005. The Disposal Rule puts in place requirements for proper document disposal and destruction, and recognizes the problems that can and do arise when private information is disposed of in an irresponsible manner.
Who is affected by FACTA?
FACTA applies to virtually all persons and businesses in the United States, mandating that “any person who maintains or otherwise possesses consumer information, or any compilation of consumer information, for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.”
Under FACTA, consumer information is defined as personal identifying materials which extend beyond just a person’s name, including:
To comply with the FACTA Disposal Rule, businesses and individuals must take “reasonable
measures” to ensure such information does not fall into the wrong hands. Reasonable
measures include the “burning, pulverizing, or shredding” of paper documents, such
as the contracting of a third-party engaged in the document destruction business
to dispose of confidential information in a manner consistent with the Act.
Failure to abide by FACTA may result in stiff penalties. Victims are entitled to actual damages sustained due to incompliance; they may also seek statutory damages, and, in some cases, file class-action suits. Federal and state authorities are also empowered to bring legal enforcement actions against businesses that violate the Act.
• The Health Insurance Portability and Accountability Act (HIPAA)
What is HIPAA?
Signed into federal law in 1996, HIPAA was created to combat fraud and abuse in the health insurance industry. The Act stipulates that all United States health care organizations must "maintain reasonable and appropriate, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information."
HIPAA protection attaches to all information relating “to the past, present, or future physical or mental health or condition of an individual, or the past, present, or future payment for the provision of healthcare.” Materials that would contain such protected information include patient histories, logs, notes, forms, billing and insurance information, and any other records containing personal information in the possession of healthcare providers.
Who is affected by HIPAA?
Regardless of size, all healthcare providers in the United States must have documented policies defining reasonable measures that are being taken to protect personal health information and ensure the organization is protecting against unauthorized access to personal information.
This includes all organizations or individuals who retain and/or collect health-related information, such as: hospitals, medical centers, insurance companies, billing centers, collection agencies, doctors, dentists, chiropractors, psychiatrists, psychologists and any other institutions or individuals responsible for personal health-related information.
• The Gramm-Leach-Bliley Act (GLBA)
What is GLBA?
Also known as the Financial Services Modernization Act, the Gramm-Leach-Bliley Act (GLBA) was enacted in 1999 to protect private consumer information held by financial institutions. The GLBA requires banks to develop privacy notices and to provide customers with the option of prohibiting the sharing of their confidential information with non-affiliated third parties. On July 1, 2001, the Act was amended, requiring financial organizations to have a comprehensive, written information security program in place.
Who is affected by GLBA ?
The GLBA applies to virtually every business in the United States engaged in the “financial services” industry: institutions that provide financial products and services to consumers. This applies to all national banks and federal branches of foreign banks that are required to follow US banking regulations.
According to the Act, financial institutions are required to implement a comprehensive, written information security program that includes proper administrative, technical and physical safeguards, the nature of which are dependent upon the size and complexity of the organization. This requirement extends to any subsidiaries of the parent financial organization. The program must be designed to protect consumers’ non-public, personally-identifiable information by ensuring security and confidentiality of data, by preventing potential risks and threats to data, and by protecting against unauthorized access to or use of consumers’ private information.
When using service providers such as an outsourced document destruction company, financial institutions have a duty to safeguard their customers’ information while it is in the possession of the outsourced company. To adhere to this, the financial organization must use due diligence in selecting, managing and monitoring the service provider to ensure consumers’ private information is protected. This includes entering into contracts with a document destruction company when appropriate.
The following are brief descriptions for some of the other many laws and regulations that companies and organizations must be in compliance with. At ShredAssured, we stay abreast of all these ever changing laws and how they affect the Data Destruction industry. You can count on us to protect your privacy and always keep you in compliance.
• The 1974 Federal Privacy Act was established to insure that government agencies protect the privacy of individuals and businesses with regard to information held by them and to hold these agencies liable if any information is released without authorization.
• Securities Exchange Commission (SEC) — Regulation S-P: The purpose of this Regulation is to bring businesses regulated by the SEC into compliance with the concepts for privacy outlined under the GLB Act. This Act applies to broker-dealers, funds, registered advisors, those who deal with variable annuity or variable life insurance, and any other entities dealing in Securities.
• Safe Harbor Privacy Principles: In October 1998, the European Union’s wide-sweeping privacy legislation — called the European Union Data Protection Directive — became effective. The Directive places new requirements on businesses that wish to collect, process or transfer personal data from an EU Member State to an non-EU Member State. Under the Directive, the transfer of personal information from an EU Member State to a non-EU country is forbidden unless the country and the company involved provide an “adequate” level of privacy protection.
• FERMA exists to widen and raise the culture of Risk Management throughout Europe to its members and to the risk management and insurance community. It achieves its aims by promotion and raising awareness of risk management through the media, by information sharing, educational and research projects.
• Sarbanes Oxley Act (2002) was passed to implement changes in federal securities regulation, corporate governance, and the regulation or auditors. It expanded federal white-collar laws criminalizing the destruction of certain corporate communications and documents.
• Federal Rule 26: By not adhering to a program of routinely destroying stored records, a company exhibits suspicious disposal practices that could be negatively construed in the event of litigation or audit. Destroying on a set schedule limits your legal risks.
• FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. FERPA gives parents certain rights with respect to their children's education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.
• Fair Credit Reporting: Enforced by the Federal Trade Commission, is designed to promote accuracy and ensure the privacy of the information used in consumer reports. Recent amendments to the Act expand your rights and place additional requirements on Consumer Reporting Agencies. Businesses that supply information about you to Consumer Reporting Agencies and those that use consumer reports also have new responsibilities under the law.
• Economic Espionage Act makes the theft or misappropriation of trade secrets a criminal offense, and is the first federal law that purports to both broadly define and severely punish such misappropriation and theft.
Your Partner in Regulatory Compliance
ShredAssured provides security and consulting services that keep your company in compliance with all mandated State and Federal laws pertaining to document destruction, thus allowing your company to be confident all regulations are being administered.
For more information, give us a call at 1-800-838-3840 to find out how ShredAssured can help your company save money, protect its information, and comply with federal and state laws. Our client specialists are ready to assist and willing to help in any way they can.