Identity theft is one of the fastest growing crimes this century, according to National Crime Prevention Council. Contrary to popular belief, the primary cause is not because more people are online these crime of identity theft is not limited to online transactions or online banking. But is caused by people not paying attention to contents of sensitive information that receive, online or offline, and not guarding that information with these care deserves. Research shows the easiest way for identity thieves, to obtain sensitive information is traditional paper based sources. Identity theft have grown over 600% as 2000, leaving thousands of people with destroyed credit ratings. The crime damaged it reputations of companies which mishandled that information and subjected, to civil lawsuits. The rising theft and fraud forced federal and state legislators to pass several laws protect privacy and mandate secure handling of sensitives documents.
Additional Info: http://www.identitytheftarticles.net
The Fair and Accurate Credit Transactions Act, (FACTA.)
The Act contains number of provisions intended to combat consumer fraud and related crimes, including identity theft, and to assist is victims. Specifically the act requires the destruction of papers containing consumer information before is discarded.
- Identity theft is one of the fastest growing crimes in modern time
- These Act states “any person who maintains or otherwise possesses consumer information for business purpose” must “properly dispose of information by taking reasonable measures to protect against unauthorized access to or the information in connection with is disposal”. Reasonable measures are defined by Act as “burning, pulverizing, or shredding of papers containing consumer information”. Another alternative is company to enter into agreement “with at party engaged in business record destruction to dispose of material, specifically identified as consumer information, in manner consistent with is rule”.
Additional Info: http://www.ftc.gov/os/statutes/031224fcra.pdf
Health Insurance Portability and Accountability Act, (HIPPA.)
The Act regulates healthcare industry and assures, at healthcare organizations will be responsible the disposal of “protected health care information.” HIPAA applies criminal penalties to anyone violating the law – not company. Employees, business associates, and others who handle “protected health information” are potentially liable for mishandling confidential information. Non-compliance can result in following penalties:
- Civil fines up to $25,000 / year
- Criminal penalties up to $250,000 as well as, up to 10 years in prison (Information Management Journal 2003)
HIPAA applies to Institutions and the following documents:
- Patient Medical and Billing Records
- Insurance Records
- Personal Health Information
Additional Info: http://www.cms.hhs.gov/HIPAAGenInfo/
The Gramm-Leach-Bliley Act (GLBA.)
The Act mandates all financial institutions that obtain nonpublic personal information through the normal course of their business must develop precautions to ensure security and confidentiality of customer records and information, and to protect against unauthorized access to or of records. This includes secure storage, disposal, and sharing of confidential information. Non-compliance can result in following:
- Fines up to $100,000 for each violation
- Officers and Directors the financial institution maybe personally liable for civil penalty to $10,000
- Possible imprisonment for up to five years
Gramm-Leach-Bliley Act applies to following types of organizations:
- Companies that operate travel agencies in connection with financial services
- Credit Unions
- Securities Brokers
- Real Estate Appraisers
- Retailers that issue their own credit cards directly to consumers
- Insurance Companies
- Automobile Leasing Companies
Additional Info: http://www.ftc.gov/privacy/privacyinitiatives/glbact.html
The Economic Espionage Act (EEA).
The Act make theft or misappropriation of trade secrets criminal offense.
This Act applies to all U. S. Citizens, and general businesses handling sensitive data in hardcopy.
Additional Info: http://www.dm.usda.gov/ocpm/SecurityGuideEmployees/Espionage.htm
DISCLAIMER: This is brief summary of aforementioned laws. Please consult legal professional for more information the specifics of laws apply your business.