The legality of dumpster diving varies from state to state. It is considered a gray area. Because dumpsters are usually located on private premises, it may be considered illegal, though the law is enforced with varying degrees. There is no common law exception of privacy for discarded materials.
Jim Stickley, author of, “The Truth About Identity Theft”, is a security expert who is able to find security flaws for corporations. In this article, he explains how over the course of a few weeks of dumpster diving he is able to get enough information to take over the lives of the owner of the original documents.
The chances of identity theft due to dumpster diving may be slim, but if your documents are stolen you have a 100% chance that you will have to face consequences. While there may not be specific laws against dumpster diving, there are laws against the improper disposal of documents.
The Health Insurance Portability and Accountability Act (HIPAA)
HIPAA contains privacy and security rules for ensuring the protection of personal health information (PHI). Within the law are provisions that also hold business associates of HIPAA-covered entities liable for any breaches of PHI. Therefore, your company is subject to HIPAA regulations if it provides the following services and/or products to a healthcare provider:
- claims processing
- software or hardware support
- legal services
- accounting or administrative support
While HIPAA does not specify rules regarding the disposal of PHI, if confidential data is exposed due to improper disposal, your business may be subject to fines levied by the Department of Health and Human Services’ Office of Civil Rights.
The Fair and Accurate Credit Transactions Act (FACTA)
FACTA also deals with the protection of personally identifiable information used by consumers. It specifically deals with the protection of PII found in consumer reports. Of all the federal regulations regarding data disposal, FACTA affects the broadest range of businesses:
- car dealers
- financial institutions
- debt collectors
Essentially, any business collecting consumer information for verification purposes is impacted by FACTA. As such, FACTA requires businesses to destroy physical and electronic data to an unreadable state.
Stay Compliant & Protected
The best way to make sure you are protecting your company from identity theft from dumpster divers is shred all documents containing personal information.
If you are looking for a shredding company to help safeguard your personal information, Shred Nations can help! We will make sure you always receive a certificate of destruction in order to meet all of your security needs.
To get started, fill out the form to the right, or give us a call at (800) 747-3365. Within minutes, you will receive free quotes from contractors in your area that can help with your project.