The increase in IDENTITY THEFT crime has caused the enactment of the laws described below in order to protect individuals and business. The essence of these laws is to protect from the crime of IDENTITY THEFT by securing private personal information. Some states have also enacted laws, including the states of California, Wisconsin, and Georgia. One of the first and most well known of the laws is HIPAA, which was enacted to protect the privacy of patient information.
Health Insurance Portability and Accountability Act (HIPAA), was enacted in 1996 and includes provisions intended to safeguard the privacy of patient health records. HIPAA is a significant piece of legislation with onerous penalties. For a full text of the SUMMARY OF THE HIPAA PRIVACY RULE from the Department of Human Services, available online go to http://www.hhs.gov/ocr/privacysummary.rtf. See page 14 of this document in regards to shredding information.
The Fair and Accurate Credit Transactions Act of 2003 also known as the FACT Act was signed into law on December 4, 2003. The Act amends the Fair Credit Reporting Act (“FCRA”). The Act contains a number of provisions intended to combat IDENTITY THEFT and consumer fraud and related crimes. Specifically, the act requires the destruction of PAPERS CONTAINING CONSUMER INFORMATION. Virtually every business or organization is bound by this law.
Gramm Leach Bliley (GLB) is another federal law with a much broader scope than HIPAA. This law was designed to compel financial institutions to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public personal information.” This language suggests that paper documents containing such personal information should also be protected when in use and safely destroyed when no longer current and usable.