A strong paper shredding program can help you be in compliance with the various State and Federal Laws. These laws mandate that you protect the private information of your employees, customers and patients. In order to be compliant with the various state and federal laws and protect yourself, stockholders, employees, and customers/patients, you should destroy all confidential and outdated material.
Shred any document which is mandated to be protected by privacy laws such as HIPAA (health care), GLB (financial) or FACTA (general).
Shred any papers which could cause harm to you or others in the hands of criminals.
Always destroy any item, which could cause harm to your business, your employees, your customers, or the general public. The following are some examples of items other than paper, which should be destroyed.
SHRED ELECTRONIC MEDIA
Computer Disks, Compact Disks (CD's), DVDs, computer tapes, circuit boards and other like items need to be destroyed.
SHRED EMPTY PACKAGING
It was discovered that thieves were stealing the empty and outdated product packages, which had been discarded for various reasons. The thieves filled the packages with inferior product and sold the packages at a flea market. This caused both lost sales and a significant deterioration in the value of the brand name. In more than one case, it was suspected that company employees knew the empty packaging was thrown in the garbage and they took it.
SHRED RECALLED PRODUCTS
If an item is recalled for safety reasons, the item should be destroyed. Thieves can retrieve the recalled products and sell them on the black market or at flea markets. Once in the market again, the manufacturer could again be liable for the safety of the product.
SHRED OUT OF DATE PRODUCTS
Out of date products that are thrown in the trash can come back to haunt you! These items can also be retrieved by dumpster divers and sold on the black market or at flea markets.
SHRED SECURITY MATERIALS
Uniforms (including private security guard, police, fire, public safety employees), as well as identification badges should be shredded.
Shredding is an Accepted Method of Compling with the Various Laws
The increase in IDENTITY THEFT crime has caused the enactment of various laws described below. The essence of these laws is to protect the individual from the crime of IDENTITY THEFT by protecting private personal information. Some states have also enacted laws, including the states of California, Wisconsin and Georgia. One of the first and most well known of the laws is HIPAA, which was enacted to protect the privacy of patient information.
Health Insurance Portability and Accountability Act (HIPAA), was enacted in 1996 and includes provisions intended to safeguard the privacy of patient health records. HIPAA is a significant piece of legislation with onerous penalties. For a full text of the SUMMARY OF THE HIPAA PRIVACY RULE from the Department of Human Services, available online go to: http://www.hhs.gov. HIPAA LINKS PENALTIES FOR HIPAA VIOLATIONS:
GLB (Gramm Leach Bliley)
Gramm Leach Bliley (GLB) is another federal law with a much broader scope than HIPAA. This law was designed to compel financial institutions to "respect the privacy of its customers and to protect the security and confidentiality of those customers' non-public personal information." This language suggests that paper documents containing such personal information should also be protected when in use and safely destroyed when no longer current and usable.
Federal Trade Commission Report
FACTA (Fair and Accurate Credit Transactions Act)
The Fair and Accurate Credit Transactions Act of 2003 also known as the FACT Act was signed into law on December 4, 2003. The Act amends the Fair Credit Reporting Act (``FCRA''). The Act contains a number of provisions intended to combat IDENTITY THEFT and consumer fraud and related crimes. Specifically the act requires the destruction of PAPERS CONTAINING CONSUMER INFORMATION. Virtually every business or organization that is bound by this law.
The proposed DISPOSAL RULE
Out-sourced Paper Shredding is More Cost Effective Than In-House Shredding
It is very expensive to have your own employees shred paper with portable office shredders. If your people are shredding for as little as a combined two hours PER MONTH, it is likely that hiring a professional document destruction company will be a less expensive alternative.
If you are shredding less than two hours per month, you may want to consider storing the paper and having the paper shredded once per year by a professional document destruction company.
You save money by using an professional document shredding company because:
Direct Cost of Shredding Internally
2,000 sheets divided by 15 sheets per minute is 2 hours 15 minutes. If the person doing the shredding makes as little as $8 per hour plus 25% for taxes and benefits, that means the direct cost of internally shredding 2,000 pages is $22.22 per month. Next you add in the cost of the in-house shredder, disposal of bags of paper, dust clean up and disruptions from noise. If your volume is this amount or more, then you are better off using a professional, bonded document destruction company.
Identity theft continues to afflict millions of U.S. consumers, according to a new study released in 2005. About 9.3 million people were victims of the crime last year, the study says, echoing a study last year by the Federal Trade Commission that indicated 10.1 million consumers had been hit in 2003. In all, one in every 23 consumers were victims last year.
The study also suggests personal data is usually stolen in offline ways — such as dumpster diving — rather than over the Internet. Only 12 percent of the victims in the survey believed their information was stolen electronically. Stolen wallets, checkbooks, and mail remain the chief nemesis, Van Dyke said — not brilliant computer hackers who break into online databases of personal information
Destroying confidential but outdated documents both in the home and in the work place will reduce the risk to individual. Businesses should have a document shredding or destruction policy in place to protect its customers. The cost associated with document shredding is a small price for businesses to pay for the protection of their customers, patients and employees financial health. Signing up for services like electronic banking will also reduce the amount of personal mail sent home, reducing consumer risk.
See more about the study at http://msnbc.msn.com/id/6866768/
According to the BBB, most identity thieves still obtain personal information through traditional means, rather than electronic means. Where the method of theft is known, almost 70% of information was obtained by dumpster diving and physically stealing the data, versus 11% obtained online.One of the best self-defense measures businesses can implement is to shred information before discarding it. Even the smallest business can afford an inexpensive paper shredder, and staff members should be instructed to use a shredder to destroy unneeded customer or employee records.
Securing the services of a professional document shredding company can be done for a few dollars per day. The shredding company usually provides a container to be placed in your office. The container or bin has a slot to insert your confidential but outdated material, but it cannot be opened until the shredding company arrives to shred the material. You might want to protect the material from disgruntled employees, contractors, vendors and others, by placing it in the container until the shredding company can shred the data.
In fact, as of this summer, shredding will be required with the disposal of certain consumer report information and records. The Federal Trade Commission finalized a provision of The Fair and Accurate Credit Transactions Act of 2003 that will impact businesses of all sizes.
Secretary of Veterans Affairs R. James Nicholson, has acknowledged three firings associated with the theft of a Veteran Affairs laptop computer, containing personal information on over 26 million current or former members of the U.S. military. Nicholson said that he has fired the employee who had the computer stolen.He said that other personnel actions were also taken. "The acting assistant secretary was let go," Nicholson said, "and the deputy assistant secretary has been let go."
In addition, Secretary of Veterans Affairs R. James Nicholson on June 8 called for criminal penalties for VA personnel who fail to secure protected personal information.
Protection of data by shredding and encryption is a small price to pay to keep your job, as well as protection of the personal and confidential data of the veterans.