TMCnet News
New FTC Rule to Guard against Identity Theft Comes as Companies Get Set to Dump Millions of ComputersHIGHTSTOWN, N.J. --(Business Wire)-- Dec. 13, 2004 -- A recent final Federal Rule to guard against identity theft comes at a time when companies are particularly vulnerable to the crime because they are getting ready to junk or remarket hundreds of millions of computers, with many packed full of sensitive information, according to Marc Sherman, CEO of WindsorTech, Inc. (OTCBB: WSRT). WindsorTech, through its brand extension QSGI, manages the IT assets of Fortune 1000 and government customers. QSGI maintains, refurbishes and/or resells hardware, and in the process, eliminates recoverable hard-drive data and ensures regulatory and environmental compliance. The Rule, which is part of the Fair and Accurate Credit Transactions Act (FACT) of 2003, requires companies to protect consumers against unauthorized access to credit report information "in connection with (the) disposal" of computer and other records by, among other measures, the erasure of hard-drives. At the same time, a contracted labor force, an aging hardware inventory, as well as Microsoft's recent plan to stop supporting Windows 98, signaling that millions of computers will be replaced by machines with upgraded processing power, means that hundreds of millions of computers, servers and peripherals -- many bulging with consumer and other private information -- are headed for disposal, stated Mr. Sherman. Published in November, the Rule provides examples of how to comply with the new requirements, including contracting with a third party to properly dispose of consumer information. The new measure adds to already existing regulations that require businesses to properly discard their computer equipment. The Sarbanes Oxley Act, designed to increase corporate accountability, mandates that hard drives be erased before the disposal of a computer. The Health Insurance Portability and Accountability Act (HIPAA) and the Graham-Leach-Bliley Act, require companies to guard the confidentiality of medical and financial records, and hold them responsible for their computer data, even when it is no longer in their hands. Disposal also must meet EPA standards. "With regulations and fines for violations mounting, unless we erase the hard drives, we insist on indemnification before we take old computers for resale or trashing," added Mr. Sherman. According to a one-year study released by the FTC in September 2003, U.S. businesses lost $47 billion and consumers lost approximately $5 billion as a result of identity theft in the prior year. The FACT Rule applies to virtually every business and private employer in the U.S., according to a FTC press release, and requires businesses to comply by June 1, 2005 "by both adopting and implementing their own document destruction policies or by contracting with a document shredding or other data destruction company to do so. "Penalties for violating the rule include actual damages, statutory damages up to $1,000 punitive damages per violation (with no cap on class action damages), attorneys' fees, and civil penalties up to $2,500. For more information about the rule and business compliance requirements, visit the FTC web site at http://www.ftc.gov." About WindsorTech WindsorTech, through its brand extension QSGI, manages the information technology (IT) products of Fortune 1000 and government customers, specializing in data security and regulatory compliance. QSGI turns its clients' IT liabilities into IT assets, by maintaining, refurbishing and/or reselling equipment. Prior to resale, the company utilizes its proprietary Department of Defense (DOD) level certified data sweep--eliminating otherwise recoverable data. QSGI reduces its customers' potential liability, by ensuring regulatory and environmental compliance for IT products. |
