Regulatory Compliance 101: Understanding HIPAA, FACTA and GLBA

The security measures in place to protect information, and why regulatory compliance (the steps an organization takes to adhere to these laws) is vital.

The need for information security has never been greater. As digital communications and transactions continue to grow, new legislation is being enacted to protect consumers and businesses from harm.

In this post, we'll look a little deeper at some of the laws in place to protect information, and at why regulatory compliance (the steps an organization takes to adhere to these laws) is vital.


The Health Insurance Portability and Accountability Act, also known as "HIPAA," became law in 1996 when it was signed by then President Bill Clinton. It aims to protect the privacy of patients' medical information, and it continues to play a key role as the healthcare industry transitions to digital records. Its administrative simplification provisions require that electronic health transactions use standard code sets and formats, and its Privacy and Security Rules require that protected health information be safeguarded throughout that process, so that sensitive personal health data is not exposed as it moves between systems.


The Fair and Accurate Credit Transactions Act, or "FACTA," is a 2003 amendment to the Fair Credit Reporting Act. It limits how consumer financial data may be shared and used, which helps keep that information private and accurate as more transactions move online, and it gives consumers tools to fight identity theft. The act requires the three major credit reporting agencies to provide consumers with a free copy of their credit report each year, and it lets anyone who suspects they may be a victim of fraud place an alert on their file. It also requires that card account numbers on electronically printed receipts be truncated so the full number is never printed, that debt collectors who learn a debt resulted from identity theft notify the creditor, and that businesses properly dispose of consumer reports and the information derived from them (the Disposal Rule).


The Financial Services Modernization Act of 1999, better known as the "Gramm-Leach-Bliley Act" (GLBA), was put in place to ensure that financial institutions are clear about how they share customer data and that the steps they take keep it private. It is enforced by the FTC, the federal banking agencies and other federal regulatory authorities, as well as state insurance oversight agencies. The law requires that customers not only be told how their private data is collected and shared but also be given the opportunity to opt out of having it shared with non-affiliated third parties, and it requires institutions to maintain safeguards to protect that data. In addition to building customer trust, adherence to GLBA lowers a financial institution's risk of penalties and of security breaches that could damage its reputation and credibility.

Getting serious about data security has never been more important. Beyond the hefty fines that follow from regulatory violations, organizations can face other legal consequences as well. If you need a company you can trust to help keep you compliant, trust the team at Legal Shred.
