Delaware recently adopted a new law that will add requirements related to the destruction of records containing “personal identifying information.” With that law, Delaware joined a number of other states that place restrictions on the ways in which entities destroy or dispose of personal information. The Delaware law will become effective January 1, 2015. The law generally is designed to promote the security and confidentiality of a consumer’s information, protect against threats or hazards to that security, and protect against unauthorized access or use of the information. In response to this new law, companies may wish to review their data disposal practices.