Is Your Business Compliant with FACTA Disposal Rule?

FACTA – Fair and Accurate Credit Transactions Act

A small business can be liable to a federal fine of $2,500 per employee or even a class-action lawsuit under FACTA laws.

Congress passed FACTA legislation in 2003 to protect consumers against identity theft and other forms of consumer fraud. FACTA Disposal Rules were added regarding the disposal of confidential customer, employee and vendor records. The law requires the destruction — “shredding or burning” or “smashing or wiping” — of all paper, electronic devices or computer disks containing personal information “derived from a consumer report” before it is discarded. If a business does not comply with FACTA, they face potential civil liabilities, state fines, federal fines, and class-action lawsuits.

FTC: The Disposal Rule applies to consumer reports or information derived from consumer reports. The Fair Credit Reporting Act defines the term consumer report to include information obtained from a consumer reporting company that is used – or expected to be used – in establishing a consumer’s eligibility for credit, employment, or insurance, among other purposes. Examples of consumer reports include credit reports, credit scores, reports businesses or individuals receive with information relating to employment background, check writing history, insurance claims, residential or tenant history, or medical history.

FTC FACTA links:

Do you know how the FACTA Disposal rule affects your business? Proper legal advice is needed for you determine what security measures need to be implemented to protect you and your business.

About Bruce Demarest

Bruce Demarest is a Identity Theft Protection Specialist. He has designed and taught classes to educate individuals and businesses in identity theft risk management. The individuals have learned how to continuously monitor their financial identities from credit fraud, plus how to monitor their personal identifying information for unauthorized use. His business clients have become compliant with the federal & state privacy laws. He has conducted information security audits to identify their potential problems and has designed security policies, programs, and practices to address those problem areas.
This entry was posted in Business Identity Theft, Business Law, Identity Theft Protection and tagged , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s