July 22, 2005 / Issue No. 3-05
 
Email our Editor
Home Page
. Search back issues
. Forward to a Friend
. Subscribe/Unsubscribe
Printer Friendly
Professional Development
AGC Midyear Meeting Will Provide Opportunities to Hear From Labor Department Officials and Basic Trade General Presidents
AGC to Offer Several Management Training Programs This Fall
HR Professionals Learn and Network at AGC Forum
Employment Regulations
New Regulation on Consumer Information and Records Disposal Now in Effect
FAR Revised to Adopt DOL Regulations on Site of Work and Union Dues Notices
DHS Issues “Rebranded” I-9 Form
Hiring & Firing
Use of Popular Personality Test Deemed Violation of ADA
Collective Bargaining
Recent Bargaining Results Vary Widely, with National Average Just Slightly Above Last Year’s
Evergreen Clause Remains in Effect Despite Request to “Reopen” Agreement
Taft-Hartley Funds
Contractor Does Not Have to Make Double Benefit Fund Payments Despite Competing Union’s Claim of Territory
Davis-Bacon
Highway Contractor Must Pay Prevailing Wages to Truck Drivers Under State Law Despite Exclusion Under Davis-Bacon

  New Regulation on Consumer Information and Records Disposal Now in Effect
A new regulation that took effect on June 1 may require changes in the way that employers dispose of certain personnel records.

The Federal Trade Commission’s (FTC’s) final rule regarding the proper disposal of consumer report information and records under the Fair and Accurate Credit Transactions Act of 2003 (FACTA) amendments to the Fair Credit Reporting Act (FCRA) imposes a new requirement on anyone who “maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose properly dispose of any such information or compilation.”  The purpose of the so-called Disposal Rule is to reduce the risk of identity theft and other consumer harm from improper disposal of a consumer report or any record derived from one.

The term "consumer report" includes a written, oral, or other communication of information about a person's credit, character, general reputation, personal characteristics, or mode of living that was prepared or collected by a consumer reporting agency.  Common examples in the employment context include employee or applicant background checks and employee misconduct investigations performed by third parties.  The requirements do not apply if the employer conducts its own search for background information.  Also not covered is information that does not identify individuals, such as aggregate information or blind data.

The new regulation requires that covered entities “take reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.”  The standard for disposal is vague to allow entities to determine what measures are reasonable based on the sensitivity of the information, the costs and benefits of different disposal methods, and relevant changes in technology over time.  The rule includes specific examples of measures that would satisfy the standard.  The most relevant of the listed examples are:

(1) Implementing and monitoring compliance with policies and procedures that require the burning, pulverizing, or shredding of papers containing consumer information so that the information cannot practicably be read or reconstructed;

(2) Implementing and monitoring compliance with policies and procedures that require the destruction or erasure of electronic media containing consumer information so that the information cannot practicably be read or reconstructed; and

(3) After due diligence, entering into and monitoring compliance with a contract with another party engaged in the business of record destruction to dispose of material, specifically identified as consumer information, in a manner consistent with this rule.

The rule states that it should not be construed (a) to require the maintenance or destruction of any record about a consumer that is not imposed by another law, or (b) to alter or affect any requirement imposed under any other provision of law to maintain or destroy such a record.  Therefore, personnel documents retained by employers that are not covered by the new rule, such as payroll information, tax forms, and I-9 forms, are not affected and should be retained as otherwise required by law.

The FTC has released a new publication to educate businesses about the new requirements.  To view it, click here.  To view the text of the new regulation, click here.

  [ return to top ]