State & Federal Shred Law

If you are a Texas business and collect personally identifying information, HB 698 applies to you.
Free Risk Assessment

Learn Which Laws Apply to You.

Texas Information Disposal Act (HB 698)

Does Texas Information Disposal Act (HB 698) Apply To You?
If you are a Texas business and collect personally identifying information, HB 698 applies to you. It doesn’t matter when you’ve collected the information, HB 698 applies to all records created before, on or after September 1, 2005.

698(3) (d) When a business disposes of a business record that contains personal identifying information of a customer of the business, the business shall modify, by shredding, erasing or other means, the personal identifying information to make it unreadable or undecipherable.

698(3) (e) A business is in compliance with Subsection (d) if the business contracts with a person engaged in the business of disposing of records for the modification of personal identifying information on behalf of the business in accordance with Subsection (d).

Does Texas Information Disposal Act (HB 698) Have Teeth?
A your business doesn’t dispose of documents accordingly, you are liable for a civil penalty of up to $500 for each record. Additionally, the Texas Attorney General can bring action against the business and:

698(3) (f). (1) recover the civil penalty; (2) obtain any other remedy, including injunctive relief; and (3) recover costs and reasonable attorneys’ fees incurred in bringing the action.

A business that modifies its documents in good faith is not liable for a civil penalty even if the record is reconstructed, in whole or in part, by extraordinary means.

Learn More

Identity Theft Penalty Enhancement Act

H.R. 1731 was enacted in 2004 and established penalties for aggravated identity theft or identity theft in connection with the commission of a felony. Under the offenses established under the act, it states “Whoever, during and in relation to any felony violation enumerated in subsection (c), knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person shall, in addition to the punishment provided for such felony, by sentenced to a term of imprisonment of 2 years.”

As much as 70% of all identity theft cases involve people inside companies. As a business, if you’re irresponsible with your customers information, you can be responsible for the aftermath of a stolen identity.

  • Fraudulent charges now average more than $90,000 per name used.
  • Nearly 85% of all victims find out about their identity theft case in a negative manner.
  • The average time spent by victims is about 600 hours.
  • While victims are finding out about their cases earlier, it is taking far longer now than before to eliminate negative information from credit reports.
  • A large majority of respondents indicates the opening of a credit card (73%) or takeover of a card account (27%) to be among crimes committed.
  • The emotional impact of identity theft has been found to parallel that of victims of violent crime.

Learn More

Texas House Bill 2278 – Business and Commerce code

Texas is one of 32 states in the US that require documents and all media to be protected and destroyed. Your business is required to implement and maintain reasonable procedures, including taking any appropriate corrective action, to protect from unlawful use or disclosure any sensitive personal information collected or maintained in the regular course of business.

The law also requires physical or electronic data to be securely stored and destroyed by shredding.

Items like: Social Security, Date of birth, unique biometric data, electronic identification numbers, telecommunication access, financial records, driver licenses, credit applications, payment records or information, patient information, etc…


The Attorney General may bring an action to recover civil penalties or to seek an injunction against persons who fail to take reasonable action to comply.


Violations relating to sensitive personal information may result in a civil penalty of at least $2,000 but not more than $50,000 for each violation.

Improper disposal of a business record may be subject to a civil penalty up to $500 for each business record.

Learn More


Health Insurance Portability And Accountability Act
HIPAA, a federal law enacted in 1996, requires health care organization to “maintain reasonable and appropriate, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information.” The protected health information refers to all individually identifiable health information held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral.

Individually identifiable health information is information, including demographic data, that relates to:

  • the individual’s past, present or future physical or mental health or condition
  • the provision of health care to the individual
  • the past, present, or future payment for the provision of health care to the individual

and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.

Learn More


The Fair and Accurate Credit Transaction Act
FACTA was enacted in 2003 and amended in June 2005. FACTA provides consumers, companies, consumer reporting agencies and regulators with new tools to expand consumer access to credit, create a more accurate consumer financial information and help fight identity theft.

Does FACTA Apply To You?
FACTA’s Disposal Rule applies to any company or person that “maintains or otherwise possesses consumer information or any compilation of consumer information, derived from consumer reports for a business purpose.” It calls for the proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.” Among those who must comply with the Rule are:

  • Consumer reporting companies
  • Lenders
  • Insurers
  • Employers
  • Landlords
  • Government agencies
  • Mortgage brokers
  • Automobile dealers
  • Attorneys or private investigators
  • Debt collectors
  • Individuals who obtain a credit report on prospective nannies, contractors, or tenants
  • Entities that maintain information in consumer reports as part of their role as service providers to other organizations covered by the Rule.

Learn More


Gramm-Leach-Bliley Act
The Gramm-Leach-Bliley Act, also known as The Financial Modernization Act of 1999, creates provisions to protect consumers’ personal financial information held by financial institutions. Paper documents containing personal information should be protected when in use and safely destroyed when no longer current and or unusable.

The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions “such as credit reporting agencies” that receive customer information from other financial institutions.

Does GLB Apply To You?
The GLB Act applies to just about any business that’s involved in providing financial products or services to consumers. This includes check-cashing businesses, mortgage brokers, banks, insurance companies, real estate appraisers, tax preparation businesses and accountants, ATM operators, credit counselors, financial advisors, debt collectors and more.

Does GLB Have Teeth?
Failure to comply can result in an enforcement action by the FTC and can result in civil penalties of up to $11,000 per violation.

Learn More


Sarbanes-Oxley Act
In 2002, SOX was enacted after the Enron and Worldcom financial scandals with the primary intent of increasing corporate responsibility and financial reporting while combating corporate and accounting fraud.

Does SOX Apply To You?
Sarbanes-Oxley Act applies to public companies based in the United States or traded on US stock exchanges. If SOX applies, you are required to have a record and information management policy. Companies should create formal written policies and procedures outlining the process and identifying the specific tasks and roles within the process, including procedures related to document destruction and how the company would stop document destruction if anticipating an investigation.

Learn More

Check 21 Act

Check Clearing for the 21st Century
The Check 21 Act allows and encourages banks to provide a substitute cancelled checks instead of the original check. Effective October 2004, it allowed banks to make check processing fast and more efficient by handling more checks electronically. Traditionally, banks physically move original paper checks from the bank where the checks are deposited to the bank that pays them. This transportation can be inefficient and costly.

For Financial Institutions With Document Retention Policies
Regardless of how long you keep customers checks, we can ensure that all checks are completely destroyed as soon as your retention date has passed. Whether you needs a weekly, bi-weekly or monthly check purge, we can supply you secure containers to store your checks for purge and schedule regular service intervals to ensure proper destruction of all checks while removing your future liabilities.

Learn More


Family Educational Rights and Privacy Act of 1974
FERPA is a Federal law that protects the privacy of student education records. FERPA regulates access to and disclosure of student education records. It give students and parents the right to inspect and review the students’ education records maintained at the institution and request corrections to records believed to be inaccurate or misleading. Under 34 CFR §99.30 through §99.39, the educational institution must also keep a record of each disclosure of personally-identifiable information from student records.

Improper disposal of student records may constitute an unauthorized disclosure under FERPA – the educational institution does not have consent for such disclosure, and will not have a record that any disclosure was made.

Learn More

The Economic Espionage Act of 1996

The Economic Espionage Act of 1996 (EEA) provides new legal tools to prosecute those who commit economic espionage by stealing trade secrets.

The term trade secret refers to all forms and types of financial, business, scientific, technical, economic or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing.

Learn More


Is your business secure? With 9 billion records compromised to date, can your company afford a security breach? Let Renewed Solutions provide a free risk assessment and simplified solutions that employees will adopt.

Learn More


Did you know that paper accounts for 25% of material placed in our landfills? Worse, electronic waste accounts for over 20 million tons of toxic waste each year. Let Renewed Solutions help you reduce waste.
Learn More


Has your company evaluated its compliance requirements for retaining and destroying confidential information? With only 47% of US businesses shredding & providing compliance training, your business may be at risk.
Learn More

Make Sure You’re Compliant!

Outsourcing Your Shredding Is More Secure And Less Expensive Than Shredding It Yourself.
copyright © 2021 – Renewed Solutions, LLC