If your organization doesn’t have updated, privacy law policies, in writing, that meet the legal requirements information security could be exposing your organization to severe fines, bad publicity and lost business.
Department of Health and Human Services and the FTC have established information security laws to combat identity theft. Laws legally require establish a privacy protection policy. Here are the highlights of these laws:
The Supreme Court ruled in California versus Greenwood (1988) that businesses and/or individuals do not have a broad right to privacy with respect to items they throw in the trash. Business documents thrown in the trash are open invitations for the illegal use of not only your personal or business information, but also there are several laws that require businesses to destroy rather than simply discarding information. These laws have been established in an effort to protect the privacy of patients and consumers while also protecting the business that serve them.