Do You Know Which Privacy Legislation Affects Your Business?

Posted on: November 29, 2017

Businesses in the United States must comply with federal, state, and local privacy legislation in their handling of personally identifiable information (PII). This means that protecting and appropriately handling this material is not only important for maintaining the trust and safety of clients and employees; it's also required to avoid fines and other damages from the government.

There is a host of privacy legislation for different industries.

Financial Sector

The Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act both govern how businesses in the financial sector handle confidential information. Simply put, together these acts protect investors and the public by regulating corporate disclosures, and protect the privacy of consumer information held by financial institutions and service providers. However, both pieces of legislation are complex: you should make sure your business understands the implications of these acts if you are in the financial sector. This is an essential step to make sure you are handling all PII correctly.

Medical Sector

HIPAA (the Health Insurance Portability and Accountability Act) may be the most well-known privacy legislation in the United States. It provides privacy standards for protected health information. Additionally, the Health Information Technology for Economic and Clinical Health (HITECH) Act protects the privacy of paper and electronic protected health information.

Hospitality/Hotel Sector

The General Data Protection Regulation comes into effect in 2018, and while the legislation is from the European Union, it will impact companies worldwide. If you're in the hospitality industry, you should make sure you understand this legislation.

Retail Sector

Two main pieces of legislation in the United States impact the retail sector: the Fair and Accurate Credit Transactions Act (FACTA) and the Federal Trade Commission Act. The former regulates businesses that possess consumer information, and the latter protects consumers in regard to offline and online privacy and data security policies.

Human Resources

Of course, HR plays a very significant role in protecting personally identifiable information. HIPAA and FACTA govern privacy of consumer information by employers.

Best Practices

No matter what industry you're in, it's important to do the research and understand the relevant legislation as it relates to your business.

  • Understand your legal obligations.
  • Conduct comprehensive risk assessments.
  • Create and implement a security plan.
  • Create and implement a detailed document management process in accordance with the relevant legislation. This process should cover all steps from creation to disposal/destruction.
  • Have a Chief Information Security Officer to oversee security. This may not need to be an entirely new role; it can be an important responsibility that one of your staff takes on.
  • Educate employees on the handling of confidential information.
  • Create and implement secure work processes.
  • Monitor partners’ document security protocols.
  • Work with TrueShred.

Protect Your Business with TrueShred

Again, making sure you handle confidential information appropriately is necessary not just for client/employee trust and safety; it's also necessary to stay compliant with the legislation for your sector. Disposal and destruction of personal information is an essential part of this. If you're looking for professionals who can handle your secure document destruction needs in the DMV area, contact TrueShred to find out what we have to offer. We perform shredding services in the Northern Virginia, Maryland, and Washington, DC area.
