Five Steps to FACTA Compliance Guidelines Every Business Should Follow

By Sean Fredricks | June 1, 2005

Five Steps to FACTA Compliance Guidelines Every Business Should Follow

Steven Hastert
6/1/2005 – DENVER, June 1 /PRNewswire/ — Starting today, the federal government is ushering in a new line of defense to against identity theft. It is requiring that all businesses — regardless of size and industry — properly protect and dispose of the personal information they collect about their customers.
The new rules, enacted by the Federal Trade Commission (FTC), require businesses “that maintain or otherwise possess consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose” to “properly dispose of such information or compilation.”The reason is simple, says Steven Hastert, Vice President of Operations at DataGuard USA, a national shredding firm. “Identity theft is the fastest growing crime in the country, and the government wants to prevent thieves from ‘dumpster diving’ for valuable consumer information.”

DataGuard USA is in the business of helping business owners comply with the new regulations. Through the website, www.shrednations.com, they post free guidelines for FACTA Compliance. The top five steps include:

1. Certification and Documentation. Businesses need to be able to prove
that they have shredded their sensitive documents to be FACTA
compliant. This requires documentation of “what” they shredded and
“when” they shredded it. The most efficient way to meet this
requirement is to use a certified shredding service that provides a
“Certificate of Destruction.”

2. Develop Policies and Procedures. Businesses must have a written
program outlining how to maintain and shred documents. An example of
such a policy is posted to the www.ShredNations.com website.

3. Schedule your Shredding. Have regularly scheduled paper shredding to
prevent the liability from storing excess records with personal
information.

4. Train Employees. Storage and shredding must be covered in your
company handbook. Businesses should have regular training sessions
for all personnel. Teach everyone the “if in doubt, shred” rule.

5. Disposal Plan for Electronic Media. The new FACTA regulations also
apply to magnetic media. Businesses should include floppy disks,
CDs, and hard drives that may contain sensitive data in their record
retention plan.

If businesses follow these guidelines, Hastert says they have a good chance of staying in FACTA compliance. “Companies need to document that they are taking these regulations seriously,” he says. “With a good plan and the proper documentation, you can prove that you are protecting your customers from identity theft.”

For more information, call Steven Hastert at 303.336.0165.

paper shredding services
Posted in Paper Shredding News, Shredding Laws