Delaware Representative Stephanie Bolden (D-02) introduced the "Safe Destruction of Documents Act" (H.B. 194), legislation which would require businesses to properly destroy or arrange for the destruction of a consumer's personal identifying information within its custody and control that is no longer to be retained by shredding, erasing or otherwise destroying or modifying the personal identifying information in those records to make it entirely unreadable or indecipherable.

Consumers "who incurs actual damages due to a violation" would be able to file private lawsuits. The bill exempts entities subject to and in compliance with Gramm Leach Bliley, HIPAA, or FCRA.

H.B. 194 defines "Personal identifying information" as "a consumer’s first name or first initial and last name in combination with any 1 of the following data elements that relate to the consumer, when either the name or the data elements are not encrypted:  his or her signature, full date of birth, social security number, passport number, driver's license or state identification card number, insurance policy number, financial services account number, bank account number, credit card number, debit card number, any other financial information or confidential health care information including all information relating to a patient's health care history, diagnosis condition, treatment, or evaluation obtained from a health care provider who has treated the patient which explicitly or by implication identifies a particular patient."

MRA will follow this legislation, since it has some problematic impact and will carry over to the legislature's 2012 session.

Photo credit: Paper shredding by Munir Hamdan