Compliance and Regulations: At Document Security Management, your security is our concern. There are many regulations and compliance's we follow to ensure that all of the information you pass through us is secure.
...There are several laws that require businesses to destroy, rather than simply discard, confidential information. These have been established in an effort to protect the privacy of patients and consumers. At the same time they serve to protect the businesses that serve them. |
|
| Health Insurance Portability and Accountability Act, (HIPAA) |
| ...Under the HIPAA privacy regulations, health care providers must have agreements with "business associates" to address compliance with the HIPAA privacy standards. A business associate performs a function or activity for a health care provider, with use or access to "protected health information". |
| |
Gramm Leach Bliley Act, (GLB) |
| ...The Federal Trade Commission has issued a final rule governing the safeguarding of customer records and information for the financial sector. The GLB privacy objectives are to ensure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to, or use of, such records or information that could result in substantial harm to any customer. |
| |
Fair and Accurate Credit Transaction Act, (FACTA) |
...The FACT Act was signed into law on December 4, 2003. This Act contains a number of provisions intended to combat consumer fraud and related crimes, including Identity Theft, and to assist its victims.
Section 216 of the Fact Act requires the Commission, Federal banking agencies, National Credit Union Administration, Securities and Exchange Commission, to issue regulations requiring "any person that maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose to properly dispose of any such information or compilation." The purpose of this section is to prevent unauthorized disclosure of consumer information and to reduce the risk of fraud or related crimes, including identity theft, by ensuring that records containing sensitive financial or personal information are appropriately redacted or destroyed before being discarded. |
| |
| Family Educational Rights and Privacy Act |
...The Family Educational Rights and Privacy Act (FERPA) (20 USC §1232g, 34 CFR Part 99) is a federal U.S. law that protects the privacy of student education records.
|
| |
| Identity Theft Penalty Enhancement Act |
...The Identity Theft Penalty Enhancement Act of 2004. The law established a new federal crime, aggravated identity theft, outlined under “offenses” in the Act: Offenses – (1) In general – Whoever, during and in relation to any felony violation enumerated in subsection (c), knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person shall, in addition to the punishment provided for such felony, be sentenced to a term of imprisonment of 2 years. (2) Terrorism offense – Whoever, during and in relation to any felony violation enumerated in section 2332b(g)(5)(B), knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person or a false identification document shall, in addition to the punishment provided for such felony, be sentenced to a term of imprisonment of 5 years.
|
| |
| New Jersey Identity Theft Prevention Act |
...New Jersey’s Identity Theft Prevention Act (ITPA) protects individuals from identity theft in various ways, including: - requiring consumer credit reporting agencies to place security freezes on consumer reports upon request - requiring businesses that collect digital records
containing personal information to notify individuals whose personal data is compromised - limiting the use of social security numbers as general identifiers; and requiring businesses to destroy personal information that is no longer needed.
|
| |
| Pennsylvania Breach of Personal Information Notification Act |
| ...Pennsylvania Senate Bill 713 the Breach of Personal Information Notification Act, requires businesses to notify individuals when a security breach results in their personal information being released to unauthorized parties and the security breach causes or will cause loss or injury to a Pennsylvania resident. The Act specifies the notification steps businesses must follow in the event of a security breach. |
If you are uncertain about any of these laws and how they pertain to you or your business and don't know what to do, our only advice for you is give us a call and ease your mind.
|
