Under the HIPAA privacy regulations, health care providers must have agreements with "business associates" to address compliance with the HIPAA privacy standards. A business associate performs a function or activity for a health care provider, with use or access to "protected health information".
http://www.hhs.gov/ocr/hipaa/

Gramm Leach Bliley Act, (GLB).

The Federal Trade Commission has issued a final rule governing the safeguarding of customer records and information for the financial sector. The GLB privacy objectives are to ensure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to, or use of, such records or information that could result in substantial harm to any customer.
http://www.ftc.gov/opa/2002/05/safeguardrule.htm

Fair and Accurate Credit Transaction Act, (FACTA).

The FACT Act was signed into law on December 4, 2003. This Act contains a number of provisions intended to combat consumer fraud and related crimes, including Identity Theft, and to assist its victims.
Section 216 of the Fact Act requires the Commission, Federal banking agencies, National Credit Union Administration, Securities and Exchange Commission, to issue regulations requiring "any person that maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose to properly dispose of any such information or compilation." The purpose of this section is to prevent unauthorized disclosure of consumer information and to reduce the risk of fraud or related crimes, including identity theft, by ensuring that records containing sensitive financial or personal information are appropriately redacted or destroyed before being discarded.

If you are uncertain about any of these laws and how they pertain to you or your business and don't know what to do, our only advice for you is shred it and ease your mind.