Are you up to date on Privacy Legislation? Shred-it’s Guide to the complex regulatory environment.
We live in an increasingly regulated world. Just last year, businesses were introduced to the General Data Protection Regulation, which placed an increased onus on organizations to protect the data of EU citizens. And with data breaches appearing in the news more frequently, it appears that this regulated environment will not be going away any time soon.
To help you navigate the regulations, Shred-it has put together a privacy legislation guide to some of the laws as they relate to specific verticals. Although this is not to be taken as legal advice, we hope it will help you understand what you should be looking out for in this era of privacy.
U.S. General Legislation:
The Fair and Accurate Credit Transactions Act (FACTA) requires that all businesses properly protect and dispose of the personal information collected from their customers and employees, regardless of the organization’s size or industry. Businesses that must comply with this Act include lenders, insurers, employers, landlords, consumer reporting agencies and government agencies to name a few.
The Identity Theft and Penalty Enhancement Act (ITPEA) is an amendment to the Federal Criminal Code for penalties against aggravated identity theft and imposes incremental sentences in addition to the related felony punishments. All U.S. residents must adhere to the Identity Theft Penalty Act.
For a full list of U.S. General legislation, you can download the report here.
Industry Specific Legislation:
In terms of legislation that is specific to certain verticals, US businesses that operate in the financial services industry must familiarize themselves with a number of different pieces of legislation. The Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX) are only two Acts that could impact your financial business operations.
US businesses that operate in the legal vertical must be aware of the Economic Espionage Act, the California Consumer Privacy Act and the USA Patriot Act, to name a few.
and healthcare organizations have industry-specific privacy legislation that governs a wide array of industry-specific activities as well. The Family Educational Rights and Privacy Act and the Fair and Accurate Credit Transactions Act are two examples.
Shred-it can help your business stay compliant through our regularly scheduled document destruction service, expertise in privacy legislation and complementary workplace privacy policies. Click here to learn more about our services.