As a small business owner or office manager, you take security seriously. Following a retention schedule and destroying documents when the time is right are just two ways you can protect your business and your customers from identity theft and other crimes. But, these steps are also critical to remaining compliant with federal, state, and local laws.
One of those laws is the Fair and Accurate Credit Transactions Act, better known as FACTA or the FACT ACT.
If you’re asking yourself what FACTA has to do with your small business, you’re not alone. Let’s take a closer look at the law, how it applies to you, and how you can remain compliant.
What is FACTA?
Enacted in 2003, FACTA is an amendment of the Fair Credit Reporting Act of 1970. The amendment aims to better protect consumers from identity theft, improve consumer disputes, and increase access to credit information.
From a consumer’s perspective, the most notable stipulation of FACTA is the provision that every consumer is entitled to free access to their credit report from the three major credit bureaus (Equifax, Experian, and Transunion) once every 12 months. Another provision you’ve likely encountered is the truncation of credit card and debit card numbers on receipts. The law prohibits business owners like yourself from printing more than five digits of a customer's card number or card expiration date on any receipt.
How does FACTA affect small business owners?
In addition to the credit card truncation provision, which is probably handled by your point-of-sale technology, you need to be aware of FACTA’s Disposal Rule. The rule, which went into effect in 2005, requires “businesses and individuals to take appropriate measures to dispose of sensitive information derived from consumer reports.”
This rule applies to virtually all businesses, but has particular relevance for lenders, insurers, landlords, mortgage brokers, car dealers, and attorneys who deal with consumer information like credit reports and credit scores on a daily basis. If you deal with these files, you need to ensure proper and compliant destruction. Failure to comply can result in civil liability, class-action lawsuits, as well as federal and state fines.
How can a small business comply with FACTA’s Disposal Rule?
Attempting to dispose of documents in-house can be cumbersome and even dangerous. That’s why many businesses choose to partner with a professional records management and document destruction company to ensure that they do the job right.
With a professional partner, it couldn’t be easier to ensure your business remains FACTA compliant. Document destruction services deliver secure bins to your office, where employees can safely dispose of sensitive documents. Those documents are then destroyed on a regular schedule either safely at your office or offsite. With offsite document shredding, all information leaves your business in a GPS monitored vehicle for secure tracking.
How can you find the right partner? Look for a document destruction company certified by the National Association for Information Destruction (NAID). This is the international trade association for companies providing information destruction services. It promotes ethical and efficient information destruction according to policies and procedures in a given industry.
NAID-certified businesses undergo a variety of accountability checks in order to remain certified. For one, they must pass frequent thorough and unannounced audits. Additionally, employees are subject to rigorous background checks and security screening processes. This ensures that they are qualified to handle, transport, store, and destroy confidential documents.
If you want to get your business on track for FACTA compliance, our NAID certified document destruction department at Gilmore Services can help. Learn more about our experience and shredding services by downloading our secure shredding bins guide to discover which is right for your facility. Have questions? We’re here to help. Simply contact our shredding experts today.