Destruction Laws

Various document destruction laws have been enacted in the United States to protect the privacy of personal information. The increase in IDENTITY THEFT crime has caused the enactment of many of these laws. Various states have also enacted laws, starting with the states of California, Wisconsin and Georgia. The most famous of the privacy protection laws is HIPAA, enacted to ensure provacy of patient information. Although some of these laws are currently state specific, it is only a matter of time before such laws will be enacted nationwide. Shredex has been at the forefront of bringing privacy protection to Florida by means of secure paper shredding and reliable document destruction using state-of-the-art equipment.


Health Insurance Portability and Accountability Act (HIPAA), was enacted in 1996 and includes provisions intended to safeguard the privacy of patient health records. HIPAA is a significant piece of legislation with onerous penalties. For a full text of the SUMMARY OF THE HIPAA PRIVACY RULE from the Department of Human Services, available online go to: See page 14 of this document in regards to paper shredding and document destruction law information.


American Medical Association

GLB (Gramm Leach Bliley)

Gramm Leach Bliley (GLB) is another federal law with a much broader scope than HIPAA. The broad standards outlined in this law were designed to compel financial institutions to “respect the privacy of its customers and to protect the security and confidentiality of those customers’ non-public personal information.” Certain clauses include privacy protection laws that suggests that paper documents containing such personal information should also be protected and safely destroyed.


Senate Banking Committee
Federal Trade Commission


The Fair and Accurate Credit Transactions Act of 2003 also known as the FACT Act was signed into law on December 4, 2003. In general, the Act amends the Fair Credit Reporting Act (“FCRA”). The Act contains a number of provisions intended to combat consumer fraud and related crimes, including identity theft, and to assist its victims. Specifically, it includes vertbiage relating to privacy protection laws that requires the destruction of PAPERS CONTAINING CONSUMER INFORMATION. It is hard to imagine any business or organization that is not bound by this law.

The proposed DISPOSAL RULE

Sec. 682.3 Proper disposal of consumer information.
(a) Standard. Any person who maintains or otherwise possesses consumer information, or any compilation of consumer information, for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.

(b) Examples. Reasonable measures to protect against unauthorized access to or use of consumer information in connection with its disposal would include:

(1) Implementing and monitoring compliance with policies and procedures that require the burning, pulverizing, or shredding of papers containing consumer information so that the information cannot practicably be read or reconstructed.


National Consumer Law Center
Federal Trade Commission
Privacy Rights Organization