Research: Firms Vulnerable to ID Theft

BOSTON -- When it comes to shredding sensitive business documents, leaders of some of Americas largest companies are devoting more attention and more money to keeping information safe. But despite the extra effort, many admit unfamiliarity with key federal and state laws governing information privacy, leaving them vulnerable to fines and identity theft.

These are the central findings from a survey of business professionals and managers responsible for safeguarding their company’s information. Conducted on behalf of Iron Mountain Incorporated (NYSE: IRM), the global leader in information protection and storage services, the survey targeted companies with annual revenue of at least $750 million.

Perhaps most surprising among the survey’s findings is that companies believe they’re more familiar with federal requirements for information destruction than they actually are. While nearly three in four respondents (74 percent) express familiarity with federal requirements, fewer than one in three (30 percent) are aware of the Federal Trade Commission’s Fair and Accurate Credit Transactions Act (FACTA) Disposal Rule, one of the top laws governing U.S. businesses on information security and disposal. The FACTA Disposal Rule mandates that organizations properly dispose of papers that contain consumer information through methods such as burning, pulverizing or shredding so that the “information cannot practically be read or reconstructed.”

Iron Mountain Inc.