
The Data Security & Compliance team of SAMR offers several services to companies needing to properly handle the retirement of IT assets. In addition to data destruction, IT auditing and reporting, SAMR helps companies ensure regulatory compliance by correctly dealing with their retiring IT assets.
Whether your company is publicly or privately held, the overall security of your company’s data is crucial to your protection. In the last 5-10 years, several federal regulations have been passed that dictate the proper handling of data and IT assets to protect companies, their employees and investors. These federal regulations include:
- Gramm-Leach-Bliley
- FACT Act
- HIPAA
- Sarbanes-Oxley
- Environmental Protection Agency (EPA) regulations
Proper data destruction, solid reporting features and proper retirement of IT assets are our business. The security of your company’s data is our highest objective.
GRAMM-LEACH-BLILEY
Applicable Summary:
Safeguards Rule (Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. § 6801 through 15 U.S.C. § 6809)
The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared to protect, and plans to continue protecting, clients’ nonpublic personal information. (The Safeguards Rule also applies to information of those who are no longer consumers of the financial institution.) This plan must include:
- Designating at least one employee to manage the safeguards.
- Conducting a thorough risk analysis of each department handling the nonpublic information.
- Developing, monitoring, and testing a program to secure the information.
- Changing the safeguards as needed with the changes in how information is collected, stored, and used.
This rule is intended to do what most businesses should already be doing: protect their clients. The Safeguards Rule forces financial institutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has meant that every financial institution has had to make some effort to comply with the GLBA.
HIPAA - Health Insurance Portability and Accountability Act
Applicable Summary:
Any organization that transmits Protected Health Information (PHI) in electronic form, which includes health plans, health care clearinghouses, and health care providers, must achieve HIPAA compliance.
SARBANES-OXLEY
Applicable Summary:
All publicly traded companies must achieve Sarbanes-Oxley compliance.
FACT Act
Applicable Summary:
Section 216 requires "any person that maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose to properly dispose of any such information or compilation"; such persons must achieve FACT Act compliance.
EPA REGULATIONS
Applicable Summary:
Businesses and other organizations that discard less than 100 kilograms (about 220 pounds) per month of hazardous waste (including CRTs) are not regulated under most federal requirements (these wastes must still go to a facility authorized to receive solid waste). There are, however, many state regulations in existence that dictate the proper handling of e-waste.