Employees' personal information must be destroyed to prevent identity theft under a new law that went into effect Wednesday.

Business owners who don't own a shredder should consider buying one because it's no longer good enough to rip up personal documents and throw them away. Homeowners who employ even one worker, such as a gardener, nanny or housekeeper, are also covered by the Fair and Accurate Credit Transaction Act of 2003, which requires personal information to be burned, crushed or shredded so no one can rummage through the trash and piece it back together.

Personal information includes a credit report, Social Security number, drivers' license number, phone number and address. Failure to follow the law could mean a lawsuit or $2,500 fine.

Although health care providers and financial institutions are already required to destroy personal information, the new law covers others who collect consumer data, such as car dealerships, furniture rental stores, apartment rental services, etc.

The new law, and other privacy laws like it, have sparked explosive growth in the document-destruction industry. Robert Johnson, executive director of the National Association for Information Destruction, told the Bucks County Courier Times: "Laws like HIPAA (Health Insurance Portability and Accountability Act) and Gramm-Leach-Bliley, even the Enron-[Arthur] Andersen incident, they've all led to a protracted growth of our industry over the past five or six years."

Sheila Longie, vice president and general manager of Document Destruction Service covering Minnesota and western Wisconsin, told The Star-Tribune of Minneapolis that privacy protections extend to secondary information that can be used to identify people. Secondary information can be as simple as a phone number and name on a piece of paper.

The law also requires businesses with consumer information to put in place procedures that "show stored material is being protected," Longie said. "Most people just throw information into unlocked or open containers. That's because people don't realize that even secondary-information material now has to be protected."

Some shredding companies provide locked boxes to employers, who place sensitive information in the box. A truck comes to the site, where the documents are shredded. The scraps then go to a secure recycling facility.

Drew Friedman, operations manager for Shred One Security Corp., told the Bucks County Courier Times: "The protection of consumer information is being brought to the next level. It's to safeguard the consumer. We need this."