Important Laws
Important Laws That Protect Your Information
When it comes to handling sensitive documents, several federal and state laws require businesses, medical offices, financial institutions, and other organizations to protect private information. Understanding these regulations helps you stay compliant and avoid costly fines, lawsuits, and security breaches.
Below is a clear breakdown of the most important laws that influence document retention, destruction, and privacy requirements.
FACTA – Fair and Accurate Credit Transactions Act
Businesses that gather or store consumer credit information must properly destroy documents before disposal.
Read More
What it means for you:
- You cannot simply throw sensitive consumer information into the trash.
- Records containing names, addresses, account numbers, credit data, or Social Security numbers must be shredded.
- Noncompliance can result in significant federal penalties.
FACTA applies to any business that handles consumer financial information, including auto dealerships, lenders, landlords, retailers, and service-based businesses.
HIPAA—Health Insurance Portability and Accountability Act
HIPAA requires all healthcare providers and related businesses to safeguard patient health information (PHI).
Read More
You must properly destroy:
- Medical charts
- Billing information
- Lab reports
- Insurance forms
- Any document with patient identifiers
Why it matters:
Improper handling or disposal of PHI can lead to severe fines and legal consequences. Shredding is the safest and most compliant method of disposal.
GLBA – Gramm-Leach-Bliley Act
This law applies to financial institutions and businesses that offer financial products or services.
Read More
It requires companies to:
- Protect sensitive financial data
- Provide clear privacy policies
- Dispose of customer information securely
Shredding is the recommended method to comply with GLBA because it ensures data cannot be reconstructed or misused.
State Privacy & Disposal Laws
Many states—including California—have specific regulations that require the secure destruction of documents containing personal identifying information (PII).
Read More
This includes:
- Employee records
- Payroll data
- Client files
- Legal documents
- Customer contact information
Failure to comply can result in state penalties and liability if information is leaked.
“ShredPro, Inc. does not provide tax, legal, or accounting advice. This material has been prepared for informational purposes only, and is not intended to provide, and should not be relied on for tax, legal,or accounting advice. You should consult your tax, legal, and accounting advisors before engaging in any transaction.”