Privacy

The Federal Trade Commission (FTC) issued as final a rule that, as of June 1, 2005, requires businesses and individuals to judiciously dispose of sensitive information from consumer reports ( www.ftc.gov/opa/2005/06/disposal.htm ; www.ftc.gov/os/2004/11/041118disposalfrn.pdf ). The standard, known as the Disposal Rule, is part of the Fair and Accurate Credit Transactions Act of 2003. Members in public practice and industry should inform their clients and employers of the rule’s provisions, which permit affected organizations and individuals to identify disposal measures that correspond to the sensitivity of the information, the costs and benefits of various disposal methods and changes in related technology. Financial institutions subject to the Disposal Rule and the Gramm-Leach-Bliley Safeguards Rule, which requires institutions to protect sensitive customer information, should add related practices to the information security program the Safeguards Rule requires them to establish ( www.ftc.gov/privacy/privacyinitiatives/safeguards.html ).