2012 South Carolina Code of Laws
Title 37 - Consumer Protection Code
Chapter 20 - CONSUMER IDENTITY THEFT PROTECTION
Section 37-20-190 - Requirements for disposition of business records; exceptions.


SC Code § 37-20-190 (2012) What's This?

(A) When a business disposes of a business record that contains personal identifying information of a customer of a business, the business shall modify, by shredding, erasing, or other means, the personal identifying information to make it unreadable or undecipherable.

(B) A business is considered to comply with subsection (A) if it contracts with a person engaged in the business of disposing of records for the modification of personal identifying information on behalf of the business in accordance with subsection (A).

(C) This section does not apply to:

(1) a bank or financial institution that is subject to and in compliance with the privacy and security provision of the Gramm-Leach-Bliley Act;

(2) a health insurer that is subject to and in compliance with the standards for privacy of individually identifiable health information and the security standards for the protection of electronic health information of the Health Insurance Portability and Accountability Act of 1996; or

(3) a consumer credit-reporting agency that is subject to and in compliance with the federal Fair Credit Reporting Act.

HISTORY: 2008 Act No. 190, Section 2, eff December 31, 2008.

Disclaimer: These codes may not be the most recent version. South Carolina may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.