Companies of all sizes must remain vigilant in the in the fight against information breaches. Disposing of confidential business-related data and client or employee information requires extra care in this era where protecting personal information is so vital. To ensure that your company is compliant with privacy laws you should develop a clear information destruction policy to ensure that smart and secure disposal practices are followed for everyone’s safety.
How to develop an Information Destruction Policy
Your company should first define a clear, company-wide, written policy that directs employees to securely dispose of documents when they are no longer needed. Documents that contain any personal information, such as a name, address, tax information, Social Security number or other data that can be used to identify an individual person should not be disposed of in a trash can or recycling bin. The policy should specify a secure method of destruction so that the confidential information does not end up in the hands of wrong doers. Hiring a licensed, trusted secure document destruction company to properly dispose of confidential data is the best way to ensure that you will be complaint with state and federal privacy laws.
Important Document Shredding Facts:
- Studies show that 1 in 5 data breaches involve stolen paper records. Most cases of identity theft and directly traced to lost or stolen documents or documents taken from the garbage that were not properly destroyed.
- You may not realize it, but trash is by law considered public property. This allow identity thieves to easily access personal data that is not securely destroyed
- Paper Shredding and destruction of sensitive data is not only important, it is also the law. Federal and State Laws mandate that you safeguard all private information regarding your employees and customers. In Texas, we have The Texas Information Disposal Act (IDA), which protects Texas residents from misuse of their personal information. The IDAamends the Texas Business and Commerce Code, adding document retention and disposal requirements.
RW Lone Star is a Texas based company and we are the experts in secure data destruction. We proudly serve Central Texas and the Waco, Austin, San Antonio corridor. We offer paper shredding, data destruction, and mobile shredding solutions that work for local businesses. Our diverse client list covers multiple industries and we have a vast knowledge and understanding of the privacy laws that apply to each industry.
Industry Specific Privacy Regulations
- The Health Insurance Portability and Accountability Act (HIPAA) of 1996 mandates that healthcare facilities across the US act responsible in the secure electronic transmission of patient data, and the secure storage and disposal of that data.
- The Fair and Accurate Credit Transaction Act (FACTA) of 2003 added new details to the federal Fair Credit Reporting Act, designed primarily to assist consumers combat the growing crime of identity theft. Accuracy, privacy, restrictions on information sharing, and new consumer rights to disclosure are included in FACTA.
- The Gramm-Leach-Bliley Act (GLBA) Established in 1999, this law requires financial institutions throughout the U.S to safeguard the confidentiality and security of consumer data.
- HITECH Business Associates Agreement. This agreement ensures medical offices, doctor’s offices and hospitals are required to have an agreement with their document shredding company, in regard to the disposal of PHI (Protected Health Information). The other key piece of the Business Associates Agreement is the agreement that organizations will take the necessary steps to implement suitable administrative, physical and technical safety processes.
- The Economic Espionage Act (EEA) Established in 1996, this states that the theft of “all types of financial, business, scientific, technical, economic, or engineering information” from a business is deemed a crime. While compliance is not obligatory, should an occurrence take place, your business will be held liable if it cannot prove you took preventative measures in protecting sensitive information.
- The Sarbanes-Oxley Act (SOX) Enforced in 2002, this act (Also known as SOX) states that paper and electronic files must be stored for five years. It also requires that public organizations disclose and evaluate their internal procedures. As a result, this implies that an internal document retention and document destruction policy is vital to compliance.
The failure to comply with federal regulations in reference to paper shredding and the destruction of documents that contain personal information could lead to an array of legal consequences for your business and hurt your business’s reputation. In addition, negligence that leads to the exposure of confidential information puts an individual or company at significant risk of identity theft and fraud.
Outsourcing your shredding and document destruction is a great way to ensure that your company and your customer’s sensitive information is protected. Outsourcing to a professional shredding company is also very cost effective. Factoring in the cost of employee wages and benefits as well as the typical depreciation and maintenance costs on the equipment, in most cases it can cost over $100/month to operate a office quality shredder. Also factor in the time saved by utilizing a local shredding company and the choice is clear.
Whether you are in need of paper shredding in Austin or shredding services in San Antonio, RW Lone Star Security offers multiple solutions for your company’s secure data destruction needs including regular weekly or monthly service, one-time purges, drop-off shredding, and also mobile shredding services. Call us today at 254-774-9536.