PROPERLY DESTROYING SENSITIVE DATA IS THE LAW.
DID YOU KNOW that Texas business leaders are legally required to properly dispose of customers’ sensitive data? According to the Texas’ Business & Commerce Codes §72.004 and §521.052, any business caught improperly disposing of business records can be fined up to $500 for each record, and in the case of data breach, up to $50,000 for each violation by the state of Texas. These fines do not include any penalties exacted by the U.S. government under the FTC’s FACTA Disposal Rule, which applies to virtually every business operating in the United States.
UNDER TEXAS LAW, shredding is specifically noted as a proper disposal method of your old data. If your hard drives or other data-bearing media contain any of the following information, it is best to physically destroy the data for the ultimate security, to avoid state and federal penalties, and to ensure data disposal compliance:
- Consumer information for a business purpose (Disposal Rule)
- Medical data (PHI disposal and HIPAA and HITECH)
- Student educational records or employee educational transcripts (FERPA)
- Financial reports (Disposal Rule, Red Flag Rules, Safeguards Rule, and GLB)
- Legal data, especially containing health and financial records, trusts, or wills (Disposal Rule)
REGARDLESS OF THE SIZE OF YOUR COMPANY, data protection and breach prevention is essential during the entire life cycle of your data (click here for more information). Physical destruction of your media is the most secure method you can choose to ensure end-of-life data breach prevention and data disposal compliance.