Document Destruction by Brinks Document Destruction - Fair and Accurate Credit Transactions Act (FACTA)

Times when businesses could turn a blind eye to the disposal of sensitive consumer information are over. Effective June 1, 2005 companies can no longer afford to disregard consumer privacy and confidentiality by throwing confidential documents in the dumpster.

The Fair and Accurate Credit Transactions Act (FACTA) was enacted on December 4, 2003 to reduce the risk of consumer fraud and identity theft, created in part by improper disposal of consumer information.

How does FACTA affect financial institutions?
Among other things, FACTA defines proper disposal of consumer records and information. It requires �any person that maintains or otherwise possesses consumer information or any compilation of consumer information, for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.�

FACTA affects most businesses in the United States, however financial institutions are affected more than others due to the high volumes of consumer information they handle. Credit and loan applications, bank and credit card statements, voided checks and other records containing names, Social Security numbers, addresses, dates of birth, and other private information must be securely destroyed before disposal.

Organizations subject to the Gramm-Leach-Bliley Act, and the FTC's Safeguards Rule are required to incorporate the proper disposal of consumer information into their records security program.

How to destroy confidential information
While FACTA does not require businesses to follow any one specific destruction method, the Final Rule regarding consumer information and records disposal issued by the FTC, provides some examples including burning, pulverizing and shredding. The most important requirement: information has to be destroyed in such a way so that it cannot practicably be read or reconstructed.

What needs to be done?
Institute a company-wide document destruction policy and assess your current document destruction policy for any possible breaches, check out your company�s trashcans, educate your employees and perform random checks on how they follow the company�s document destruction procedures. And remember: all financial institutions MUST COMPLY with FACTA by June 1, 2005.