Home > Blog > FACTA Compliance Tips

FACTA is an amendment to the Fair Credit Reporting Act of 1970. This act was created to further the protection of American citizens and help prevent consumers from becoming victims of identity theft. When the Federal Trade Commission (FTC) issued a new rule in 2005 that required businesses to properly dispose of and destroy sensitive consumer data, most security experts considered it to be a step in the right direction. Identity theft is a consistent problem in the world of business, with damages exceeding $20 billion yearly. This type of crime can seriously hurt businesses and individuals worldwide and the problem shows no signs of slowing down. Improper destruction of documents can allow thieves access to credit or debit card information, telephone accounts, checking and savings accounts, loans, mortgages and so on. A thief only needs a few pieces of sensitive information to wreak havoc on your identity and life. This can have a lasting impact on important things like your bank account and credit score.  This is one of the reasons that you need secure document disposal and mobile paper shredding services for your business.

You need to pay attention to sensitive document disposal. Often times, people shred documents to ensure that their information and the information of those that they are responsible for is kept private, secure and in the right hands. For every individual to decide their own standards for shredding would be time-consuming and unnecessary, which is why FACTA exists. It is part of the basis for the practice of compliant shredding, which is shredding that complies with federal and state rules/regulations. Making sure that the shredders or shredding companies you use are familiar with compliant shredding will guarantee the security of your information. You will also avoid unnecessary headache and litigation in the event of a legal situation or identity theft.

What is FACTA?

FACTA stands for the Fair and Accurate Credit Transaction Act. It is a federal law that was enacted in 2003 by the United States Congress and if you’ve heard of it, it’s probably because it’s the law that entitles every American citizen to request and obtain a free credit report at least once every 12 months. The act also aims to protect against identity theft, increase the accuracy of consumer records, and make improvements in the use of credit information. FACTA provides a standard of protection that is used around the country. There are three main goals of FACTA, which include consumer protection, security, privacy and credit reporting. According to a 2014 report in identity theft and fraud, the number of identity theft victims in America in 2013 climbed to 13.1 million, an increase of 500,000 compared to 2012.

These goals ultimately improve overall consumer data security and are helping to reduce instances of identity theft. If you haven’t heard of the Red Flag Rule, read on. It not only applies to large financial institutions! It can apply to small business owners that deal with sensitive documentation as well. These new regulations can affect every type of business.

What is a FACTA Red Flag Rule?

A red flag rule requires businesses to develop and implement programs that can identify potential identity theft through suspicious activities. If someone in the business notices a series of suspicious activities related to sensitive information, these patterns could be called “red flags”. Every business must create a compliance program to identify and respond to red flags. Once developed, employees and coworkers must be trained on the program.

This and other aspects of FACTA will be controlled and enforced by the Federal Trade Commission (FTC). There are also opportunities for individuals to seek damages under this and other laws. With all privacy legislations, you must be on the top of your game to prevent damages to you, your customers and your business. If an employee fails to recognize and identify red flags in the business, the penalty can result in a lawsuit that can cripple your business. The rule applies to any business that offers or connects customers to credit.

Almost every business qualifies. Any business that deals with credit can be affected. Medical practices, retail stores, phone services, car dealerships, schools, banks and financial institutions are a few of the types of business that can be at risk for identity theft. Make sure you hire a reputable shred service to protect yourself.

Once you have created a compliance program, your employees need to be educated on the importance of this matter. This means more than just sending a memo to the entire office. Take a few hours out of your day to sit down with your employees and work with them to protect all of the private information in your care and their care. All of this training should be documented for compliance records in the event of a legal situation.

Consequences of non-compliance with FACTA

If, for whatever reason, you fail to comply with FACTA regulations, you can expect to face lawsuits or class-actions that will be a financial burden. If you are a victim of a data breach that leads to identity theft cases for multiple customers, be prepared.

Individuals who experience identity theft because of your negligence to implement and abide by FACTA regulations can seek damages under the law. For each individual failure to comply, a victim can seek up to $1000 per individual violation. Facing a tarnished reputation can lead to a loss of business and more. This, coupled with the steep fines of litigation, can effectively end a business.

businessman shredding important documents. paper shredder. man in suit. document disposal

Businesses and FACTA:

  1. Unlike other privacy laws that can influence only one industry, this law applies to pretty much every type of business and private employer. For example, all of the following types of companies handle sensitive consumer information: consumer reporting agencies, mortgage lenders, automobile dealers, waste disposal companies, real estate brokerages, consumer reports, lenders, insurers, healthcare employers, schools, banks and so on. Many places you go will have stacks of confidential information that needs to be on a strict shredding schedule.
  2. Private information in the context of FACTA consists of the following: insurance claims, residential or tenant records, check-writing histories, waste disposal companies, employment background reports, credit scores, medical histories and more.
  3. Companies must take ‘reasonable measures’ to protect information from unauthorized access in connection to its disposal. The FTC recommends that companies put an information security policy in place that ensures that sensitive data can’t be recreated by identity thieves. Many security experts recommend shredding documents.
  4. There can be fines and punitive damages for non-compliance towards FACTA.
  5. Documents that contain personally identifiable information should be tracked and clearly labeled with destructions dates as part of a comprehensive document management policy. Having a clear document destruction schedule set in place can help streamline this process.
  6. Partnering with a reliable and professional shredding service with a proven track record can help protect you and your company from liability and safeguard you and your employees. Make sure that the company uses high security procedures and containers while transporting the papers to a secure shredding site.
  7. The information security policy should include email, e-media and hard drive destruction as well.

 

Free Credit Reports

FACTA introduced an aspect that sat well with consumers across the country. FACTA entitles customers to one free credit report every twelve months from any of the three nationwide consumer credit reporting companies. If you’ve spent any time in front of the television, you may have seen one of these commercials. Allowing consumers to check their credit history can give individuals more control over their own information.

Commercial Shredding

Shred With Us is here to help your business succeed. When you choose our services, it means you have more time to dedicate to your customers and to make your business reach its full potential. Contact us today to discuss what type of shredding you need to switch to a paperless office and free up some valuable office space. We offer full-service document shredding in the Georgia, North Carolina and South Carolina areas. We also offer secure shredding drop off to Atlanta, Columbia, Charlotte and Charleston. We are a top-rated and certified shredding company that provides secure shredding and document destruction solutions.

The Carolina’s leading document shredding services company, we are committed to providing services that will help our customers achieve the level of information security and privacy they require to ensure continued business success. We will continuously strive for the highest standards of courtesy, professionalism, and Guarantee – Total Customer Satisfaction.

If you have any questions about FACTA compliance or are interested in learning more about secure document destruction, do not hesitate to give us a call.

Add Your Comments

Your email address will not be published. Required fields are marked *