There are several laws
that require businesses to destroy rather than simply
discarding information. These have been established in an
effort to protect the privacy of patients and consumers. At
the same time they serve to protect the businesses that
serve them.
CALIFORNIA:
Assembly Bill 2246 went into effect in January 2001 with the
following mandate:
"A business shall take all
reasonable steps to destroy or arrange for the destruction
of a customer's records within its custody or control
containing personal information which is no longer to be
retained by the business by (1) shredding, (2) erasing, or
(3) …"
FEDERAL:
The Health Insurance Portability and Accountability Act (HIPAA)
identifies protected health information and sets rules for
the security and privacy of this information.
THE GRAMM-LEACH BLILEY ACT
Places significant restrictions on the use of customer
information by those in the financial industry (insurance,
banks, securities, mortgage, escrow, lenders, etc.) Such
financial institutions must disclose their privacy policies
to their customers.
THE U.S. SUPREME COURT
ruled (California vs. Greenwood) that "Dumpster Diving"
is not illegal. "Dumpster Diving" is the predominate method
of obtaining information by those involved in crimes related
to:
Identity Theft
Telephone Fraud
Computer Hackers
Credit Card Fraud
Industrial Espionage
----------------------------------------------------------------------
Records that need safe destruction:
Customer Lists
Invoices
Accounting Information
Cancelled and clank checks
Credit Card Information
Legal Contracts
Personnel Records
Tax Records
Medical Records
Application for Employment
Payroll Information
Social Security Numbers
Signatures
Correspondence
Customer Mailing Lists
Budget Data
Bank Statements
Financial Reports
Confidential Letters, Memos
Research and Development Data
Note: Acco fasteners, paper clips, and staples are o.k.!
