How Document Shredding Might Be a Legal Obligation

Businesses in the United States are subject to many different pieces of legislation regarding several areas and operations. Believe it or not, some of these pieces of legislation incorporate document shredding as a required component of day to day operations. At Augusta Data Storage, our team of experts is well versed in the requirements set out by both federal and state governments in accordance with our NAID Certification. Read on to learn about some of the pieces of legislation that incorporate document shredding, and whether your business needs to take action. Note: The following is not to be taken as legal advice.

HITECH

The Health Information Technology for Economic & Clinical Health act was enacted by the federal government under the American Recovery & Reinvestment act of 2009. The main aspect of HITECH was the introduction of the requirement for HIPAA-covered entities to notify affected victims in the event of breaches of unsecured protected health information (PIH). It also outlines the requirements to be met in order for the breach of notification stipulation to be relieved. Organizations covered under HIPAA are also required to notify HSS and the media in the event that a breach exceeds 500 victims. Most importantly however is that the act specifically notes that encryption of electronic data and the physical destruction of paper PHI, are the only methodologies recognized in order for entities to be relieved of the breath notification requirement. If you and your business operate in the healthcare industry, you can read more about HITECH here, or contact Augusta Data Storage in Augusta to discuss your obligations and how we can help.

GLBA

If you work in the financial sector then you should ensure that you or someone on your team is familiar with this act. The Gramm-Leach Bliley Act came into effect in 1999 with the goal of protecting private consumer information held by financial institutions. This can include any information used to get a financial product (SSN, address, name etc.), any information received from a transaction involving your financial products or services, or any information received about an individual in connection with providing such financial products and services. You can find a guide issued by the FTC here on how to follow and comply with GLBA here.

FERPA

This act, known as the Family Education Rights & Privacy Act, is a federal law that seeks to protect the educational records of students. The law applies to all entities that receive funding under any program administered by the US department of education. In order to avoid unauthorized disclosures of records, it is encouraged that relevant entities use secure methods, including document shredding, to dispose of sensitive documents. Improper disposal of records may be recognized as an unauthorized disclosure, putting organizations in trouble at the hands of the federal government. To learn more about FERPA, check out the Department of Education’s official portal on the act here, or contact Augusta Data Storage for more information on document disposal practices.

Ensuring your business is up to snuff on the law is critical to stay alive and competitive. Augusta Data Storage’s  highly secure shredding services are one step to ensure your organization can avoid the hassle of legal trouble and keep doing what do best.

Contact our Augusta office today, to learn more about how we can help you and your team. 1-888-299-0186