Laws

Fair and Accurate Credit Transactions Act (FACT
Act)-Requires any person or company that possesses or
maintains "any record about an individual, whether in paper,
electronic or other form, (that is a consumer report such as
a credit report) to take reasonable measures to protect
against unauthorized access to or use of the information in
connection to its disposal." Under the new law, all
businesses must be in compliance by June 1, 2005 by both
adopting and implementing their own document destruction
or by contracting with a document shredding company to do
so. Penalties for violating the rule include actual damages,
statutory damages up to $1,000, punitive damages per
violation(with no cap on class action damages), attorneys'
fees and civil penalties up to $2,500.

Health Insurance Portability and Accountability Act
(HIPAA) was enacted in 1996 and includes 2003
provisions. HIPAA is intended to safeguard the privacy of
patient health records. Today, it's imperative that medical
organizations protect themselves, their patients', and their
employees' private and confidential information.

The Federal Privacy Act was enacted to protect the
privacy of individuals and businesses. Public agencies and
private businesses can be held liable if any personal
information is released to unauthorized individuals.

The Gramm-Leach Bliley Act places significant restrictions
on the use of customer information by those in the financial
industry. These restrictions recognize that non-public
personal, financial, and health information must be safe
guarded and include proper disposal procedures.

Privacy Law AB2246 states that businesses must now
destroy customer records containing personal information
by shredding them, erasing them, or making them
unreadable. Injured consumers can file lawsuits for civil
damages against companies that fail to comply.