HIPAA Blog

[ Thursday, January 05, 2006 ]

Is that a FACTA: Some interesting internal discussions around the ol' law shop this morning about the various laws that govern companies that use or handle personal financial information. Obviously (to anyone reading this -- see the title, for example), there's HIPAA for plans providers and clearinghouses. There's Gramm-Leach-Bliley for "financial institutions," however broadly that's defined. There are the various state laws for reporting security breaches that put private financial information at risk, noted below. That's off the top of my head.

Today's questions was what restrictions or requirements are there on disposing of that type of information; do you need to shred it, do you need to keep it for a set period of time, etc. In addition to the other laws, there's also the Fair and Accurate Credit Transactions Act of 2003, of FACTA. It's basic purpose is to help victims of identity theft, but here's a pretty good website outlining its requirements and obligations.

Hat tip: Stephanie Chandler

Jeff [11:51 AM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template