Document Destruction, Personal Identifying Information

Document Destruction, Personal Identifying Information

The Colorado Consumer Protection Act, CRS 6-1-713, regulates document disposal and destruction of paper documents containing “personal identifying information“.

ABC Legal Docs logoPersonal Identifying Information, as defined in this law, means, a:

  • Social Security Number
  • personal identification number
  • password
  • passcode
  • state or government-issued driver’s license number
  • state or government-issued ID card number
  • government passport number
  • biometric data
  • employer, student or military ID number
  • financial transaction device

Each public or private entity that uses documents containing personal identifying information shall develop a policy for the destruction or proper document disposal of paper documents containing personal identifying information.

If a recycler or disposal firm is used for destroying documents, the recycler or disposal firm is not required to verify that the documents it received for document disposal or recycling have been properly destroyed or disposed of, unless specifically stated by the contract.

In addition to Colorado laws on document destruction, there are federal laws to follow.  Health Insurance Portability and Accountability Act (HIPAA), Financial Services Modernization Act (Gramm-Leach-Bliley), and the Fair and Accurate Credit Transactions Act (FACTA).

Businesses should also use secure document destruction for confidential data such as business plans, trade secrets, marketing plans, sales reports, financial reports, customer lists, vendor lists, employee lists, payroll data, and other sensitive information.

Courts have ruled there is no expectation of privacy once documents are discarded for disposal or recycling.   Criminals and competitors may acquire discarded information by “dumpster diving“.  Documents pending document destruction should be kept in a secure container, not piled up near a paper shredder.

Notarized Certificate of Document Destruction

TIP:  For good record keeping, a business should keep a notarized Certificate of Destruction, listing the specific documents or data files that were destroyed, date, address, destruction method, name of person or company that destroyed the documents, and the legal chain of custody.  Reasonable care must be used to make sure that destruction is completed using a secure process, to prevent unauthorized access to personal identifying information.

Visit our website for Colorado Springs Mobile Notary services or Colorado Notary Training classes.

© Copyright 2015  ABC Legal Docs, LLC  All rights reserved.  Do not copy.  Citations welcome.  Terms of Use apply.

Please add a valuable comment, not spam, or click the Like button for Colorado Notary Blog posts you like. Please share on social media. Our Terms of Use and Blog Comment Policy apply.

Please leave a Blog Review. Thank you!Leave a Google Review
+ +
%d bloggers like this: