Document Retention Compliance

Document Retention Compliance

In today’s world with the rising number of identity theft cases, Federal and State regulations have become very strict in terms of document handling and destruction, especially in the medical, financial, and legal fields. These regulations and compliance guidelines are put in place to protect the consumer from their personal, private information being easily stolen. But as with anything in this world, as the criminals become more sophisticated, the laws have kept up as well.

Some of these regulations and compliance guidelines include:

  • HIPAA: passed in 1996, this law regulates Personal Health Information (PHI). This law put into place regulations to protect the patients’ private records as well as to prohibit the disclosure of these records. Medical offices and healthcare professionals need to take great care in hiring a HIPAA compliant document shredding company so as to not face large fines.
  • FACTA: The Fair and Accurate Credit Transactions Act is an all-encompassing law which enforces business of all sizes, even those employing one person, to shred all personnel-related documents before throwing them out in order to try to prevent dumpster divers from capturing sensitive, personal information. Unlike the other regulations, this one is not industry specific.
  • RED FLAG: This is a law issued by the FTC, NCUA, and the federal bank regulatory agencies as part of the FACTA regulation was created to help stop identity theft. The law requires financial organizations and creditors to create written theft prevention programs.
  • GRAMM LEACH BLILEY ACT: this law, signed in 1999, is also known as the Financial Modernization Act of 1999, required financial organizations to provide customers with written privacy notices that explain the information sharing practices of the organization. It is broken into three parts, Privacy, Safeguards, and Pretexting Provisions, of which the Safeguards Rule dictates that financial organizations implement certain security programs and protocols to protect the private information that they gather.


While not the same under all situation and industries, it is important to keep in mind retention periods of different types of documents. The type of information contained will determine how long you must keep a document on file before you are able to destroy and dispose of it. So while document shredding is a vital office process, it is of the utmost importance to know the retention period for your documents in order to remain in compliance.

Get your free quote today

Not sure how to comply with these regulations, or not sure of retention rates for different types of documents that you have on file? Fill out the Request a Quote form on the right, or call us at (800) 472-9716 and we can help you to determine the what regulations apply to your industry and the steps needs in order to stay within compliance.