Film Compliance Information
Meeting Compliance with Confidence
Protecting Your Facility and Data with Proper Film Storage and Destruction
When it comes to storing and destroying x-ray and radiographic film, compliance isn’t just a best practice, it’s a legal necessity. Sensitive data contained on archival film must be safeguarded at every stage of its lifecycle to comply with state, federal, and military security standards. AMS Store and Shred helps facilities navigate the complex requirements for compliant film storage and destruction. From secure record retention to certified destruction and silver recovery, AMS provides peace of mind that your organization is meeting all legal obligations.
Our services comply with the following mandatory laws and regulations:
- The Health Insurance Portability and Accountability Act (HIPAA) of 1996 Mandates that healthcare facilities across the US act responsible in the secure electronic transmission of patient data, and the secure storage and disposal of that data.
- The Fair and Accurate Credit Transaction Act (FACTA) of 2003 Added new details to the federal Fair Credit Reporting Act, designed primarily to assist consumers combat the growing crime of identity theft. Accuracy, privacy, restrictions on information sharing, and new consumer rights to disclosure are included in FACTA.
- The Gramm-Leach-Bliley Act (GLBA) Established in 1999, this law requires financial institutions throughout the U.S to safeguard the confidentiality and security of consumer data.
- HITECH Business Associates Agreement This agreement ensures medical offices, doctor’s offices and hospitals are required to have an agreement with their document shredding company, in regards to the disposal of PHI (Protected Health Information). The other key piece of the Business Associates Agreement is the agreement that organizations will take the necessary steps to implement suitable administrative, physical and technical safety processes.
- The Economic Espionage Act (EEA) Established in 1996, this states that the theft of “all types of financial, business, scientific, technical, economic, or engineering information” from a business is deemed a crime. While compliance is not obligatory, should an occurrence take place, your business will be held liable if it cannot prove you took preventative measures in protecting sensitive information.
- The Sarbanes-Oxley Act (SOX)Enacted in 2002, this act (Also known as SOX) states that paper and electronic files must be stored for five years. It also requires that public organizations disclose and evaluate their internal procedures. As a result, this implies that an internal document retention and document destruction policy is vital to compliance.
The Consequences of Non-Compliance in Document and Film Destruction
Failing to comply with federal laws and regulations related to both document and film destruction can expose your business—and your clients—to serious legal and financial consequences. Sensitive information stored on paper files or X-ray and radiographic film must be securely managed, stored, and destroyed in compliance with regulations like HIPAA and state-specific retention laws. Improper disposal of these materials can result in significant risks, including identity theft, data breaches, national security concerns, and regulatory fines.
Confidential information such as names, addresses, phone numbers, credit card details, social security numbers, and patient health records must remain protected at all times—whether on paper or embedded in film. If this data is accidentally leaked or used fraudulently, your organization may be held liable, and the damage to your reputation could be long-lasting.
A breach of trust can drive away potential clients and erode existing relationships. The financial and legal hardships that result from non-compliance are not worth the risk. Choosing a trusted, certified shredding and film destruction provider like AMS Store and Shred ensures you stay protected—every step of the way.
Not Sure How Long to Keep Medical Records or Film?
Review our State-by-State Medical Record Retention Guidelines to stay compliant and protect your practice.
The retention guidelines provided are for general informational purposes only and are not intended as legal advice. Retention requirements can vary significantly based on the state, type of record, and specific regulatory obligations. We strongly encourage you to perform your own due diligence and consult with qualified legal or compliance professionals to ensure that your retention practices meet all applicable laws and regulations.