Oftentimes, the importance of electronic media destruction can be over looked by business owners. However, in order for your business to be government compliant and avoid penalties, it must follow specific data destruction laws. These laws include paper documents and also the hard drives you use to store any personally identifiable information (PII).
Laws and Regulations
Follow these laws with all paper records and electronic media you may have in order to stay within government compliance.
Health Insurance Portability and Accountability Act (HIPAA). This law takes aim at any organization that handles protected health information, including Social Security numbers, prescriptions and other medical records.
Health Information Technology for Economic and Clinical Health Act (HITECH). This act was signed into law to promote the adoption and meaningful use of health information technology. The act addresses the privacy and security concerns associated with electronic health records (EHR), through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.
Fair and Accurate Credit Transactions Act (FACTA). The Fair and Accurate Credit Transactions Act of 2003, which applies to all creditors and credit reporting agencies as well as financial institutions with “covered” accounts, protects consumer information collected by lenders and credit card companies. It preempts state laws.
Sarbanes-Oxley Act (SOX). This much-publicized law governs all public companies in the U.S. and all accounting firms, as well as international companies with debt security or equity registered with the Securities Exchange Commission. SOX holds them accountable for financial practices and carries stiff penalties for noncompliance.
Gramm-Leach-Bliley Act of 1999 (GLB). The act lets financial institutions—banks, insurance companies, financial services companies and investment firms—consolidate their banking and investment offerings. It requires those companies to safeguard customer records. Penalties for noncompliance can reach up to $100,000 per violation.
Data Destruction Laws by State
Every state has their own rules and regulations. Atleast 32 states and Puerto Rico have enacted laws that require entities to destroy, dispose, or otherwise make personal information unreadable or undecipherable. To find out more about the electronic media destruction laws in your state follow this link.
Partner with Shred Nations
To build a compliant shredding strategy and maintain appropriate electronic media destruction, start by learning which federal and state regulations affect your business; then team with Shred Nations to help locate a trusted partner to comply with.
If you’re looking for a quote on electronic media destruction, please fill out the form to the right, or give us a call at (800) 747-3365. In the process you’ll avoid headaches, lawsuits, and stiff penalties.