On a recent business trip to Albany, my associate and I decided to go to a restaurant to relax after a hard day. After our meal, I paid with my credit card, and in the usual manner, the waiter returned two copies of the receipt -- one for me as a record and one for the restaurant -- which needed to be signed.

I signed the receipt and, despite my associate's request to leave the restaurant, stayed until I could find an appropriate person to whom I could hand the restaurant's copy of the charge slip. Unlike most restaurants, this local establishment was still printing the full credit card number on the receipt, so I refused to leave it on our table for the next person to view -- and perhaps steal my credit card number.

It's not a new concern to me. I've refused to leave behind my charge receipts for years -- perhaps before most people even realized it was a threat.

In one of my most memorable radio call-in segments -- about 12 years ago -- I spoke to a man who was scared about putting his credit card information online to purchase from an online store.

In that segment, we talked about how it was actually safer to enter your credit card online (when done safely) than when giving it to a waiter at an unknown restaurant, where the waiter disappears with your credit card for 5 to 10 minutes -- or where you leave the receipt for the next diners to read.

FACTA, the Fair and Accurate Credit Transactions Act of 2003, changed the landscape a lot. FACTA requires that credit card receipts not have the full account number, nor the expiration date, dramatically reducing the ability of identity thieves to use your receipts to steal your identity. By Jan. 1, the last of the credit card terminals should be converted so they no longer print your full number -- or be noncompliant with the law.

That doesn't eliminate your own need to protect yourself; it just decreases the risk somewhat. Not every restaurant or merchant will be compliant -- and I still don't like to leave my receipts where just anybody can see them.

I ran into a situation recently where a food store gave someone I know two receipts. Neither receipt had the full number on it, but one receipt had the first digits and the other had the last digits (which is the usual method). So a smart crook could look at the two receipts and piece together an account number.

Occasionally you'll find a vendor who uses digits from your credit card as identification when you call for support -- and I'm not talking about the banks issuing the card. In my mind, if I give my credit card to a vendor with the intent of simply making a purchase, then later call for support and am subsequently asked for digits from my credit card as proof of identity, that's adequate reason to stop doing business with that vendor. They have broken my trust on how they would use my personal data.

The biggest concern to me is that the companies that use inadequate protections make it tougher for companies who do it right. I am an executive in a company that requires certain (nonfinancial) information to deliver the service, and we occasionally find somebody who is hesitant to provide the info, because they are concerned about data safety.

The key is not to withhold the information from online services. It's to understand how it's protected, so you can give the appropriate info and not risk your data.