DISPOSING OF CONSUMER REPORT INFORMATION
In an effort to protect the privacy of consumer information and reduce the risk of fraud and identity theft, the federal government created the Disposal Rule. This legislation requires businesses to take appropriate actions to dispose of sensitive information derived from consumer reports to safeguard against identity theft crimes. According to the Federal Trade Commission (FTC), organizations and individuals covered by the Rule can determine what disposal measures are reasonable, based on the sensitivity of the information, the costs and benefits of different methods, and changes in technology.
Who Must Comply?
The Disposal Rule applies to individuals and organizations of various sizes that use consumer reports. The following professionals must comply with the rule:
- Consumer reporting companies
- Lenders
- Insurers
- Employers
- Landlords
- Government agencies
- Mortgage brokers
- Automobile dealers
- Attorneys and private investigators
- Debt collectors
- Those who obtain credit reports for prospective nannies, contractors or tenants
- Entities that maintain information within consumer reports as part of their role as a service provider to other organizations
What Information is Covered in the Disposal Rule?
The Disposal Rule applies to all information found within consumer reports. According to the Fair Credit Reporting Act, consumer reports include information obtained from a consumer reporting agency that is used—or expected to be used—in establishing a consumer’s eligibility for credit, employment or insurance. This may include credit scores, check writing history, insurance claims, tenant history and medical history.
Under this legislation, disposal of consumer report information must be done in a reasonable and appropriate manner to prevent unauthorized access to private data. This may include the following:
- Burning, pulverizing or shredding papers so that they cannot be read or reconstructed
- Destroying or erasing electronic files or media so that the information cannot be read or reconstructed
- Conducting due diligence and hiring a document destruction contractor to dispose of materials specifically identified as consumer report information consistent with the Rule, including the following:
- Reviewing an independent audit of a disposal company’s operation and/or its compliance with the Rule
- Obtaining information about the disposal company from several references
- Requiring that the disposal company be certified by a recognized trade organization
- Reviewing and evaluating the disposal company’s information security policies and procedures
To abide by this legislation, the FTC recommends including proper disposal practices in your security program. For more information on the Disposal Rule, visit www.ftc.gov. INSURICA has additional resources to help you remain compliant, give us a call today at 405-523-2100.
About the Author
Share This Story
Related Blogs
Environmental Liabilities at Agriculture and Farming Properties
The most common environmental and regulatory exposures encountered at agriculture and farming properties include the following:
Addressing Bullying and Cyberbullying
Bullying and cyberbullying remain prevalent issues in schools, posing significant challenges to student safety and well-being. As educators and administrators, it's essential to address these issues proactively and create a safe and supportive environment for all students.
National Work Zone Awareness Week Takes Place April 15-19
The National Work Zone Awareness Week (NWZAW) will take place April 15-19, 2024, in conjunction with National Occupational Research Agenda’s (NORA) Construction Stand-down to Prevent Struck-by Incidents event. In 2021, 956 people died in work zones, according to the NHTSA FARS data. Also in 2021, 108 highway worker occupational fatalities occurred in road construction sites, based on BLS data. Further data is available on WorkZoneSafety.org.