Why You Need a Paper Shredder: Rule Requires Businesses to Properly Dispose of Consumer Information
With very little fanfare, a rule went into effect on June 1, 2005 that impacts employers and businesses, regardless of size. Enacted in an effort to combat the growing problem of identity theft, this new rule requires all businesses to appropriately destroy consumer information when no longer needed, making it impossible for scam artists to access. Known as the “disposal rule”, it is part of the federal Fair and Accurate Credit Transaction Act (FACTA) and is administered by the Federal Trade Commission.
The disposal rule provides, “Any person who maintains or otherwise possesses consumer information for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.”
Suppose an employer performs a credit check on a prospective nanny as part of the hiring process, or receives personal information from a “temp agency” that originated from a credit report. The employer must comply with the disposal rule when the information is no longer needed. Experts advise that every business, regardless of size, establish a shredding policy and every employee that uses sensitive consumer information have a paper shredder within arms reach.
The type of information that must be destroyed includes “any record about an individual, whether in paper, electronic, or other form, that is a consumer report or is derived from a consumer report.”
The rule permits businesses to decide the method of destroying the information that best meets their needs. Acceptable disposal methods for paper include burning, pulverizing or shredding. It also requires companies to destroy or completely erase electronic media. This includes hard drives, CD-ROMs, floppy disks and information contained on PDAs.
Failure to comply with the new disposal rule could expose employers and business owners to the following liability:
Civil fines - Fines up to $2,500 per violation can be assessed
from the federal government
Civil liability - Employers are potentially liable up to
$1,000 per employee in statutory damages
Actual damages - Employers are liable for actual damages
if employees’ identities are stolen as a result of the company’s
failure to protect the information
Class action lawsuit - Employers could be subject to a
class action lawsuit if multiple employees are affected.
(FACTA is Public Law 108-159, which was signed on December
Shipping price to the lower 48 continental United States only.
There may be additional charges to ship to Alaska or Hawaii. No shipping
outside of the US available. Signature may be required upon delivery if
order is over $100 or we are shipping to an address that is not the same
as your billing address. If you require shipping to an address that does
not match the billing address on your credit card, a credit card authorization
form will be sent to you so that we may obtain your signature. No orders
will ship until it has been faxed back to us.
We offer 100% secure shopping on 128 bit
Sharp®, Canon®, Brother®,
Monroe®, Techko®, HP®, Apple®, Martin Yale®, GBC®,
Akiles®, Sunpentown®, Royal®, Texas Instruments®, Casio®,
Nokia®, Sony®, Lexmark®, Sanyo®, Fellowes®, and other
names used on this website are registered trademarks of their respective