Understand Disposal Rule origins and FACTA protections
Differentiate consumer information from general PII
Apply reasonable measures for secure paper destruction
Perform secure digital data destruction and sanitization
Vet third-party vendors and verify destruction certificates
Understand legal obligations for landlords, employers, universities
In the professional world, clearing off a messy desk feels great, but tossing a file into a standard trash can isn't just "cleaning up"—it is a massive liability waiting to happen. If you discard the wrong document the wrong way, you are doing more than creating litter; you are inviting federal penalties, lawsuits, and a public relations nightmare. We are talking about the Disposal Rule, a federal regulation enforced by the FTC designed to stop identity thieves from "dumpster-diving" for consumer data.
Does your organization run background checks on employees, check credit scores for prospective tenants, or assess financial aid for students? If so, the government isn't interested in your headcount; they are interested in your filing cabinets. If you possess any data derived from a consumer report—even if you just copied it into an internal spreadsheet—you have a legal obligation to destroy it so thoroughly that it ceases to exist.
The standard for compliance is "Reasonable Measures". This means the information cannot practicably be read or reconstructed. For paper, this means moving beyond simple ribbons to "confetti" via cross-cut or micro-cut shredding. In the digital realm, hitting "Empty Trash" is just theater; the data remains easily recoverable. You must use approved software to overwrite the data, use magnets to scramble the drive (degaussing), or physically crush the hardware.
If you choose to outsource this work, remember that you remain responsible for that data until it is verifiably gone. You must vet your contractors, ensure they have a secure chain of custody, and—most importantly—always obtain a Certificate of Destruction. This document is your shield during an audit. By the end of this course, you will understand that sensitive information must have a secure lifecycle: a definite beginning, a protected middle, and a catastrophic, unrecoverable end.
This program is available with Spanish and French closed captions.
View this course in a classroom environment, or assign it to your team individually with testing and recordkeeping capabilities.
Each title includes an embed feature that allows users to add videos to their existing training platform or LMS.
Personally Identifiable Information (PII) is data collected directly from an individual. Consumer Information is data derived specifically from a "consumer report" provided by third parties like Equifax or TransUnion. The Disposal Rule specifically targets the latter.
Often, no. The rule requires that information cannot be "practicably reconstructed". Many security policies, especially in universities, specify that cross-cut or micro-cut shredding is the required standard because strip-cut ribbons can be put back together.
Only if you have securely wiped the drives using approved software or degaussing. Simply deleting files is "digital theater"; the data remains on the drive, and handing it over without proper sanitization is a compliance violation.
Yes. You are responsible for the data until it is verifiably destroyed. "Reasonable measures" include performing due diligence on the vendor, checking their references, and confirming their security chain of custody.
It is a document provided by a disposal vendor that serves as proof that your information was destroyed according to security standards. It acts as your primary legal shield and evidence of compliance if your organization is ever audited.
Disclaimer: The information provided on this page is subject to change and is for promotional and informational purposes only. Prior to acting on the information contained on this page, verify all information against the latest OSHA and applicable standards, regulations, and guidelines. Please also contact us with any questions you have related to this information. Under no circumstances will Atlantic Training, LLC be held responsible for direct, indirect, consequential, or incidental injuries or damages, or any damages or injuries whatsoever, whether resulting from contract, negligence, or other torts, related to the utilization of this information or the contents of this page. Atlantic Training retains the right to incorporate, remove, or adjust the contents on this page without prior notice.