Shredding to Comply with Federal Data Privacy Laws

The US government has set forth laws to discourage identity theft, and many of these laws directly affect your business and its document disposal practices. Learn more about the current laws and how A Shred Ahead helps you to stay in compliance.

Identity theft is a major issue in today’s society, and the onus is not solely on the individual to ensure that they avoid having their identity stolen. Businesses in the United States are required by the federal government to take measures to ensure their customers’ privacy, especially when it comes to documents that could lead to identity theft if they fell into the wrong hands.

There are several federal acts which detail how your business must handle sensitive customer and patient information when disposing of it. By and large, each of these acts require businesses to shred or otherwise destroy customer or patient documentation, but business owners should be careful to follow all applicable regulations as included in these acts.


The Fair and Accurate Credit Transaction Act, or FACTA, provides detailed guidelines for how businesses of all sizes must handle the storage and disposal of sensitive consumer information, specifically that which is contained in credit reports. FACTA gives three options for companies which need to dispose of consumer information: burning, pulverizing, or shredding. FACTA does allow for companies to hire contractors, like A Shred Ahead, to appropriately dispose of their sensitive documents, which many companies find far more appealing as it ensures that FACTA compliance will be met while freeing up valuable employee time.


The Health Insurance Portability and Accountability Act, or HIPAA, applies specifically to healthcare organizations. It spells out specific guidelines for how healthcare organizations must store, transmit, and dispose of patient data. Appropriate safeguards must be put in place for any data that is stored or transmitted from the healthcare organization, and the act specifically encourages the shredding of documents containing protected patient information upon disposal. The Department of Health & Human Services website offers several comprehensive guides for healthcare organizations to help with full HIPAA compliance.


The Gramm-Leach-Bliley Act, or GLBA, requires that financial institutions, including banks, protect the confidentiality and security of their customers’ information. Financial institutions are required under GLBA to have written information security plans which detail existing safeguards, identify and assess risks, and provide a comprehensive plan for any necessary security changes. Like the above acts, GLBA also requires proper disposal of documents to include complete destruction of the documents through shredding and strongly encourages that it be handled by an outside contractor, like A Shred Ahead.

A Shred Ahead uses state-of-the-art shredding equipment to provide businesses of all sizes with FACTA, HIPAA, and GLBA compliant document destruction. We work with businesses like yours to ensure that your document destruction plan complies with all applicable federal and state regulations.

Let’s get started!

Get Your Free Quote