 |
 |
 |
 |
|||||||
 |
 |
 |
 |
 |
 |
 |
 |
|||
 |
||||||||||
 |
|
|
|
|
|
|
|
|
|
|
| THE LAW There are state and federal laws that require businesses to destroy confidential information in order to protect the privacy of consumers and patients . Listed below are several such laws. California AB 2246 went into effect in January of 2001 with a mandate that a business "must take all reasonable steps to destroy or arrange for the destruction of a customer's records within its custody or control containing personal information which is no longer to be retained by the business..." Federal Health Insurance Portability and Accountability Act (HIPAA) sets national standards for the protection of health information, as applied to the three types of covered entities: health plans, health care clearinghouses, and health care providers who conduct certain health care transactions electronically. The Gramm-Leach-Bliley Act includes provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions. |
 |
 |
 |
 |