Massachusetts Document Privacy


Office Paper Shredding Service, is the best way to keep your clients data private and comply with the law! We specializes in finding the right shredding service for every need. Whether you are a homeowner with a stack of junk mail that needs to be shredded, an IT Manager with some old hard drives or a managing multiple offices we have a paper shredding service for you.

Document Privacy Laws

FEDERAL OBSTRUCTION OF JUSTICE STATUTES RELATING TO THE DESTRUCTION OF DOCUMENTS

The purpose of the federal obstruction of justice statutes is to protect the honor and integrity of proceedings before the federal judiciary, proceedings before federal agencies, and proceedings before Congress.38 While there were eighteen sections in the obstruction of justice chapter of Title 18, three sections in particular dealt with the destruction of documents prior to the Sarbanes-Oxley Act of 2002 (“Sarbanes-Oxley”): 18 U.S.C. sections 1503, 1505 and 1512-sections 1503 and 1505 concerning the obstruction of justice and section 1512 explicitly forbidding the destruction of evidence by tampering with a witness, victim or informant.39 Sarbanes-Oxley has created two new obstruction of justice laws that specifically alter the destruction or alteration of documents and evidence: 18 U.S.C. section 1519, as a general anti-shredding law, and section 1520, as a retention of audit workpapers law.40 These two provisions, drafted in response to the recent corporate scandals and document destruction in the Andersen case, are protective measures, designed to preserve documents and punish those who destroy such documents without having to use the different elements of sections 1503, 1505, and 1512.41

The two main federal privacy laws are the Privacy Act of 1974 and the Freedom of Information Act. They apply only to federal government agencies. At first glance, the two laws seem diametrically opposed. The Privacy Act deals with keeping government records about individuals confidential, and the Freedom of Information Act is commonly used to pry open government files. However, these laws are attempts to balance the public’s right to know about the actions of government with the rights of an individual to retain his or her privacy.

The Privacy Act gives an individual the right to:

  • See and copy files that the federal government maintains on him or her
  • Find out who else has had access to the information
  • And request a change in any information that is not accurate or relevant

A government agency is required to:

  • Respond to a request for information within 10 days; notify the public about the types of files they maintain via the Federal Register; inform the public how they use the information; make sure the information in files is relevant
  • Not use the information for any purpose other than the one for which it was initially collected

Government files on an individual may be opened to others in a few cases including:

  • A purpose similar to the original reason for collecting the information
  • For statistical research
  • For law enforcement purposes
  • When ordered by a court
  • If it is medically necessary for the requester to have access to the information

There is no central index of federal government records about individuals. If you want to look at your records, you must first identify which agency has them. Then use the Privacy Act to ask to see your files. The agency must respond to your request within 10 days. You may be charged a “reasonable” fee for copying the file.

You may be denied access to government records about you if they involve:

  • Law enforcement activities
  • The Central Intelligence Agency (CIA)
  • Litigation
  • Civil service exams (to the extent access would affect the fairness of the tests)
  • Confidential government sources

If you are denied access to your records, you can appeal in court. You may also take a government agency to court if you believe it has improperly disclosed information about you or if you want to block impending disclosures.

The Freedom of Information Act was designed to help individuals obtain information about the actions of government. It requires that citizens be given access to government records unless disclosure involves:

  • Litigation
  • The Central Intelligence Agency (CIA)
  • Internal agency memos
  • Personnel matters
  • Trade secrets
  • Classified documents
  • Law enforcement activities
  • Confidential government sources
  • Violating an individual’s privacy interests
  • Civil service exams (to the extent it would affect the fairness of the tests)

The agency has 20 days to make a determination on a request for access. If you are denied, you may appeal the denial either within the agency itself or in court.

State Privacy Laws

Massachusetts Privacy Law (201 CMR 17)

In September 2008, Massachusetts enacted a sweeping new privacy law to protect the personal information of Massachusetts residents that went into effect on March 1, 2010. If you do business with residents of Massachusetts or have employees that reside in Massachusetts, you must comply.

What are the key requirements?

The Massachusetts law is the first in the nation to require specific technology when protecting personal information. Both “data at rest” and “data in transit” over a public network, such as the Internet, that contain personal information must be encrypted. Personal information is defined as a Massachusetts resident’s name in combination with one of the following – with or without a security code, access code, PIN, or password that would permit access to a resident’s financial account:

  • Social Security number
  • Driver’s license number or state-issued identification card number
  • Financial account number or credit/debit card number

What organizations are impacted?

This new legislation affects all organizations who own or license personal information of Massachusetts residents —regardless of the size or location of the business.  And, organizations must require and oversee that third-party service providers with access to personal information also comply with the new law.  Organizations affected include:

  • Businesses that track customers by account numbers (such as healthcare institutions and related vendors)
  • Retailers that accept credit cards for purchases by Massachusetts customers
  • Financial institutions (such as banks, insurers, or brokerages) with customers residing in Massachusetts
  • Companies with branch offices located in Massachusetts
DROPOFF-SHREDDING-CHELMSFORD
Advertisements