Fair and Accurate Credit Transactions Act
The Fair Credit Reporting Act defines the term consumer report to include information obtained from a consumer reporting company that is used – or expected to be used – in establishing a consumer’s eligibility for credit, employment, or insurance, among other purposes. Credit reports and credit scores are consumer reports. So are reports businesses or individuals receive with information relating to employment background, check writing history, insurance claims, residential or tenant history, or medical history
What are the FACTA Data Destruction requirements?
The FACTA Disposal Rule requires disposal practices that establish policies to to prevent the unauthorized access to – or use of – information in a consumer report. Examples of such measures include:
Burning, pulverizing, or shredding papers containing consumer report information so that the information cannot be read or reconstructed.
Destroying or erasing electronic files or media containing consumer report information so that the information cannot be read or reconstructed.
Conduct due diligence and hire a document destruction contractor to dispose of material specifically identified as consumer report information consistent with the Rule. Due diligence could include:
Reviewing an independent audit of a disposal company’s operations and/or its compliance with the Rule;
Obtaining information about the disposal company from several references;
Requiring that the disposal company be certified by a recognized trade association;
Reviewing and evaluating the disposal company’s information security policies or procedures.
Who must be FACTA compliant?
The Disposal Rule applies to people and both large and small organizations that use consumer reports. Among those who must comply with the Rule are:
Consumer reporting companies
Attorneys or private investigators
Individuals who obtain a credit report on prospective nannies, contractors, or tenants
Entities that maintain information in consumer reports as part of their role as service providers to other organizations covered by the Rule
How can e-End keep an organization in compliance?
As a third-party vendor, e-End can provide certified destruction of the data found in consumer reports that reside on computers, copiers, printers and other end-of-life electronics that are being taken out of service. We employ a variety of data destruction methods to ensure this sensitive data will be destroyed and cannot be recovered by any means.
In addition to being NAID AAA Certified for sanitizing data on all electronic and non-paper media (including hard drives, flash drives and cell phones), we also adhere to NSA and NIST 800-88R1 guidelines for data destruction to ensure you’ll remain compliant with the FACTA rules.
After our services have been completed, you’ll be issued a Certificate of Certified Data Sanitization and Certificate of Recycling for your records.
For organizations with data for destruction that, due to security reasons, cannot leave your facility, we can perform all data sanitization services onsite at your office or facility with no disruption.
Contact us today to learn more about how we can keep you compliant with FACTA and other regulations.
Computer Recycling Drop Off Location:
Monday – Friday: 9AM-4PM
Saturday - Sunday: Closed
7118 Geoffrey Way Unit E
Frederick, MD 21704
Phone: (240) 529-1010