Archives

Category Archive for: ‘Regulations’

  • Business and Identity Theft

    Is Your Business Protecting Personal Information?

    Once your business is finished with sensitive information derived from consumer reports, what happens to it then? Under the Disposal Rule, your company must take steps to dispose of it securely.” – FTC.Gov

    In today’s world, almost every business is aware that protecting the privacy of customers, patients, employees, etc. is a required by law and of the utmost importance. But just how familiar are you with current laws? Are you confident your business is following proper protocols and protecting personal information? With fraud and identity theft happening around us at increasing and alarming rates, it’s critical you follow procedure so you’re not exposed to costly liability. If it’s your job to protect valuable information in your business or workplace, you may want to take a moment to read the following information provided by The Federal Trade Commission on FTC.Gov:

    “Any business or individual who uses a consumer report for a business purpose is subject to the requirements of the Disposal Rule. The Rule requires the proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.” The Federal Trade Commission, the nation’s consumer protection agency, enforces the Disposal Rule.

    According to the FTC, the standard for the proper disposal of information derived from a consumer report is flexible, and allows the organizations and individuals covered by the Rule to determine what measures are reasonable based on the sensitivity of the information, the costs and benefits of different disposal methods, and changes in technology.

    Although the Disposal Rule applies to consumer reports and the information derived from consumer reports, the FTC encourages those who dispose of any records containing a consumer’s personal or financial information to take similar protective measures.

    Who must comply?

    The Disposal Rule applies to people and both large and small organizations that use consumer reports. Among those who must comply with the Rule are:

    • Consumer reporting companies
    • Lenders
    • Insurers
    • Employers
    • Landlords
    • Government agencies
    • Mortgage brokers
    • Automobile dealers
    • Attorneys or private investigators
    • Debt collectors
    • Individuals who obtain a credit report on prospective nannies, contractors, or tenants
    • Entities that maintain information in consumer reports as part of their role as service providers to other organizations covered by the Rule

    What is “proper” disposal?

    The Disposal Rule requires disposal practices that are reasonable and appropriate to prevent the unauthorized access to – or use of – information in a consumer report. For example, reasonable measures for disposing of consumer report information could include establishing and complying with policies to:

    • burn, pulverize, or shred papers containing consumer report information so that the information cannot be read or reconstructed;
    • destroy or erase electronic files or media containing consumer report information so that the information cannot be read or reconstructed;
    • conduct due diligence and hire a document destruction contractor to dispose of material specifically identified as consumer report information consistent with the Rule. ” 

    Click to finish reading article: https://www.ftc.gov/tips-advice/business-center/guidance/disposing-consumer-report-information-rule-tells-how

  • How to Disposition Records Using Your Retention Schedule

    An interesting video produced by utmbHealth

    Important: If you store your records with Iron Mountain Records Storage, we can save you 33% or more! Call us today for a quick no-obligation comparison.

    Compare Us To Self-Storage
    Compare Us To National Storage Companies
  • business

    Information Compromise and the Risk of Identity Theft: Guidance for Your Business

    These days, it is almost impossible to be in business and not collect or hold personally identifying information — names and addresses, Social Security numbers, credit card numbers, or other account numbers — about your customers, employees, business partners, students, or patients. If this information falls into the wrong hands, it could put these individuals at risk for identity theft.

    Still, not all personal information compromises result in identity theft, and the type of personal information compromised can significantly affect the degree of potential damage. What steps should you take and whom should you contact if personal information is compromised? Although the answers vary from case to case, the following guidance from the Federal Trade Commission (FTC), the nation’s consumer protection agency, can help you make smart, sound decisions. Check federal and state laws or regulations for any specific requirements for your business.

    More Information

    Important: If you store your records with Iron Mountain Records Storage, we can save you 33% or more! Call us today for a quick no-obligation comparison.

    Compare Us To Self-Storage
    Compare Us To National Storage Companies
  • 6651 XS

    Businesses Must Provide Victims and Law Enforcement with Transaction Records Relating to Identity Theft

    The Fair Credit Reporting Act (FCRA) spells out rights for victims of identity theft, as well as responsibilities for businesses. Identity theft victims are entitled to ask businesses for a copy of transaction records — such as applications for credit — relating to the theft of their identity.

    Indeed, victims can authorize law enforcement officers to get the records or ask that the business send a copy of the records directly to a law enforcement officer. The businesses covered by the law must provide copies of these records, free of charge, within 30 days of receiving the request for them in writing. This means that the law enforcement officials who ask for these records in writing may get them from your business without a subpoena, as long as they have the victim’s authorization.

    The Federal Trade Commission (FTC), the nation’s consumer protection agency, enforces the FCRA including this requirement, which is known as Section 609(e). Here is some additional information to help your business comply with this provision of the law…

    More Information

    Important: If you store your records with Iron Mountain Records Storage, we can save you 33% or more! Call us today for a quick no-obligation comparison.

    Compare Us To Self-Storage
    Compare Us To National Storage Companies
  • 8011 XS

    In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act

    Protecting the privacy of consumer information held by “financial institutions” is at the heart of the financial privacy provisions of the Gramm-Leach-Bliley Financial Modernization Act of 1999. The GLB Act requires companies to give consumers privacy notices that explain the institutions’ information-sharing practices. In turn, consumers have the right to limit some – but not all – sharing of their information.

    Here’s a brief look at the basic financial privacy requirements of the law.

    More Information

    Important: If you store your records with Iron Mountain Records Storage, we can save you 33% or more! Call us today for a quick no-obligation comparison.

    Compare Us To Self-Storage
    Compare Us To National Storage Companies
  • 7053 XS

    Security Check: Reducing Risks to Your Computer Systems

    When consumers open an account, register to receive information or purchase a product from your business, it’s very likely that they entrust their personal information to you as part of the process. If their information is compromised, the consequences can be far – reaching: consumers can be at risk of identity theft, or they can become less willing – or even unwilling – to continue to do business with you.

    These days, it’s just common sense that any business that collects personal information from consumers also would have a security plan to protect the confidentiality and integrity of the information. For financial institutions, it’s an imperative: The Gramm-Leach-Bliley Act and the Safeguards Rule, enforced by the Federal Trade Commission, require financial institutions to have a security plan for just that purpose.

    The threats to the security of your information are varied – from computer hackers to disgruntled employees to simple carelessness. While protecting computer systems is an important aspect of information security, it is only part of the process. Here are some points to consider – and resources to help – as you design and implement your information security plan.

    More Information

    Important: If you store your records with Iron Mountain Records Storage, we can save you 33% or more! Call us today for a quick no-obligation comparison.

    Compare Us To Self-Storage
    Compare Us To National Storage Companies
Page 1 of 212»