Laws and Regulations

Federal Privacy Act of 1974 (updated DOJ 2015)
https://www.justice.gov/opcl/
- Established to insure that government agencies protect the privacy of individuals and businesses with regard to information held by them.
- It holds these agencies liable for any information released without proper authorization.
______________________________
Family Educational Rights and Privacy Act (FERPA – 1974)
https://www2.ed.gov/policy/
- Federal law that protects the privacy of student education records.
- The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
______________________________
Health Insurance Portability & Accountability Act (HIPAA – 1996)
https://www.hhs.gov/hipaa/
- All hospitals, doctors, pharmacies, health plans, medical billing companies and any other business entity involved in the healthcare industry must comply with this act.
- The rules apply to all protected health information.
- The Standard for Privacy of Identifiable Health Information requires that covered entities put in place administrative, technical and physical safeguards to protect the privacy of protected health information.
- One example given of a safeguard for the proper disposal of paper documents containing protected health information is that the documents be shredded prior to disposal.
______________________________
Gramm-Leach-Bliley Act – Financial Services Modernization Act (GLB – 1999)
https://www.ftc.gov/tips-
- The privacy provisions require that financial institutions and insurance companies give consumers prior notice of an intention to share personal information and a chance to opt out of the sharing of such information.
- The law states that these institutions and companies need to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public information.”
- The Safeguard Rule recommends that paper documents containing such personal information should be protected and safely destroyed.
- This Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information.
- The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions — such as credit reporting agencies — that receive customer information from other financial institutions.
______________________________
Sarbanes Oxley Act (SOX – 2002)
https://www.sec.gov/answers/
- Enacted after Enron and Worldcom financial scandals to increase corporate responsibility and financial reporting to combat fraud.
- Applies to public companies based in the United States or traded on the US stock exchanges.
- Requires a written record information management policy and procedures, including the process and procedures for proper document destruction.
- If convicted of violating, strict fines and imprisonment of up to 20 years.
______________________________
American Recovery and Revitalization Act (ARRA – 2003)
- Includes HITECH modifications to HIPAA; breach notification and fines up to $50,000 per violation.
- Health and Human Services Final Omnibus Rule 2013 – Shredding companies defined as Business Associates.
Link for hitech modifications https://www.hhs.gov/hipaa/for-
Link for omnibus rule 2013 https://www.hhs.gov/hipaa/for-
______________________________
The Fair and Accurate Credit Transaction Act (FACTA – 2003)
https://www.govinfo.gov/
- Enhance the accuracy of consumer reports.
- Allow consumers to exercise greater control regarding the type and amount of marketing solicitations they receive.
- Establishes uniform national standards in key areas of regulation regarding handling and disposal of consumer information in the possession of all companies and organizations
- FTC Disposal Rule – 6/1/2005
- Link For FTC Disposal Rules https://www.ftc.gov/tips-
advice/business-center/ guidance/disposing-consumer- report-information-rule-tells- how - Red Flags Rule – 8/1/2009
- LINK for RED Flag Rules https://www.ftc.gov/tips-
advice/business-center/ privacy-and-security/red- flags-rule
______________________________
Check Clearing for the 21st Century (Check 21 Act – 2004)
https://www.fdic.gov/
- Allows banks to make check processing fast and more efficient by handling more checks electronically.
- Bank and other financial institutions must establish a retention and destruction policy for the checks and substitute checks in paper or electronic format.
- Checks are typically retained at the branch-level prior to secure destruction.
______________________________
Payment Card Industry Data Security Standard (PCI-DSS) – (2006, updated 2015)
https://www.
- Verify that hard copy materials are crosscut shredded, incinerated, or pulped such that there is reasonable assurance the hard-copy materials cannot be reconstructed.
- Examine storage containers used for information to be destroyed to verify that the containers are secured. For example, verify that a-to-be-shred container has a lock preventing access to its contents.
- Verify that cardholder data on electronic media is rendered unrecoverable via a secure wipe program in accordance with industry-accepted standards for secure deletion, or otherwise physically destroying the media (e.g., degaussing).
STORAGE PLUS SHREDDING – TULSA OK
Off-Site Shredding, On-Site Shredding, Specialty Shredding, Document Storage
(918) 665-2828
WANT A FREE SHREDDING ASSESSMENT
Our Recurring Off-Site Mobile Document Shredding Services include:
- Documents transported in locked commercial trucks.
- Documents will be shredded within 24 hours of arrival at our warehouse.
- Documents remain under video surveillance once received at our warehouse. Customers are always welcome schedule the service so they can witness the off-site destruction at our warehouse.
No Hidden Charges or Long Term Contracts Required
Storage Plus Shredding does not require a long term contract
State-Of-The-Art Shredding Trucks
Shredded Documents Are Recycled
Our Commitment To Our Customers
Storage Plus Shredding is dedicated to the highest level of security shredding standards for document and media destruction. When shredding is complete, you will receive a certificate of destruction for your records certifying when and how your documents were destroyed.
WANT A FREE QUOTE
Security And Service Is Our Business
Storage Plus Shredding takes pride in providing their customers peace of mind by taking the security of your private information seriously. Safeguard your organization’s reputation by shredding sensitive and confidential paper documents.
Storage Plus Shredding
5152 S 95th E Ave.
Tulsa OK 74145
918-665-2828
Storage Plus Shredding
5152 S 95th E Ave.
Tulsa OK 74145
918-665-2828