With identity theft and information fraud at an all-time high, the federal government has enacted over 40 information destruction laws to protect consumers. Here’s a synopsis of the three most significant pieces of consumer information protection legislation.
Information Destruction Laws
Identity Theft Enforcement and Protection Act of 2005
The Identity Theft Enforcement and Protection Act (the “ITEP Act”) , mandates that businesses have a legal duty to protect and safeguard sensitive personal information.
Similar to the Gramm-Leach Bliley Act, the ITEP Act requires businesses that collect or maintain sensitive personal information in the regular course of business to implement and maintain reasonable procedures and corrective measures to protect and safeguard sensitive personal information from unlawful use or disclosure. Further more , the ITEP Act includes a “Dumpster Diving”provision where companies are required to destroy customer records no longer in use by shredding, erasing modifying the records to make the information unreadable or undecipherable.
The ITEP Act not only allows the Attorney General to seek permanent injunction, but also exposes defendants to a civil penalty of at least 2,000 and up to $50,000 against each defendant.
For more information click here.
Total Security Breaches Nationwide Tops 218 Million
Think a security breach can’t happen to your organization? Think again! Since they began tracking security breaches in Jan. 2005, PrivacyRights.Org reports that over 218 million confidential files, in every imaginable industry, have been compromised!
For a comprehensive list of these information security breaches, click here.