Was enacted in 2003 to amend the Fair Credit Reporting Act (FCRA). The FTC oversees and enforces FACTA.
Has a Final Disposal Rule, which was the first national information destruction requirement. The Final Disposal Rule requires consumer report information to be destroyed by incineration, shredding, or erasure as prescribed destruction methods. Materials must be “practicably” unreadable and unreconstructable.
Also has a Red Flags Rule that applies to companies who receive and collect information to verify credit. Requires the protection of discarded information that could foreseeably result in identity theft. Defines a consumer account as any account “for which the organization holds information for which there is foreseeable risk of identity theft”. Requires an Identity Theft Prevention Program for the purpose of: Prevention, Mitigation, Detection.