August 1st, 2012 from the St. Louis Post Dispatch, “court documents containing personal information
of court respondents sat for weeks in a
dumpster outside a Madison County building.”
August 2nd, 2012 from
News Channel 7 in Spartanburg-Greenville, NC, “a tax preparer who closed
her business three years ago says she unknowingly dumped boxes of
records recently, some of which included personal information.”
are but two of the stories, published in a recent NAID Newsletter,
which we read about all too often. YOU DON’T HAVE TO BE THE NEXT STORY!
fact, you can’t afford to be! With a measure of due diligence,
flavored with knowledge and a splash of education from Integra,
Michiana’s expert in document destruction, we can mix up a winning
recipe for your compliance policies.
What do you need to know?
me first say that you don’t need to memorize every word of the HIPAA
regulation, the HITECH act, the Breach Notification, Security, Red Flag
and Privacy Rules that govern how business and individuals must
safeguard the sensitive documents they have been entrusted with and in
possession of. No, but you do need to know that they are in place for
everyone’s protection, highly enforced by the FTC, SEC, and Homeland
Security (among others), and very expensive to violate, if caught.
the embarrassment, the financial penalties can run from perhaps $1,000
to well over $1,000,000, depending on the severity of the violation.
For example, consideration may be given to these four factors (again,
• Did Not Know
• Reasonable Cause
• Willful Neglect-Corrected
• Willful Neglect-Not Corrected
while the following list is not exhaustive, these identifiers are
unique identifying numbers, characteristics or codes and must be, by
law, properly safeguarded. For example: names, addresses, geocodes,
all elements of dates-birth, death, appointment, admission, discharge
& application, telephone & fax numbers, social security numbers,
driver’s license numbers, medical records, account numbers, scores
& reports, license numbers, vehicle ID and SN, license plate
numbers, device identifiers, web universal resource locators (URL’s),
internet protocol, finger & voice prints, full face photographic
images, and the like!
What should your company have in place?
Here are a few of the necessary questions that need to be asked:
1. Were your documents shredded in an AAA compliant manner and do you have the certificate of destruction to prove it?
2. Do you know what was shredded and when?
Does your company have written policies and procedures in place that
state how documents are maintained, retained and shredded?
4. Do you have regularly scheduled shred events and are they adhered to?
5. Are document destruction procedures covered in your company handbook?
6. Does everyone have access to document destruction training?
7. Do all of your employees have a “Directory of Information Contacts”?
8. Who is your “information asset destruction authorized” person?
9. Do you have a retention and disposal plan for electronic media?
10. Do you have these written standards available?
I will admit that putting the time, resources, and energy toward these
standards is not high on everyone’s to-do list. But, let me suggest
that now is the time to get started, if you’re not already. It will be
much better to be sighted for a “work-in-progress, incomplete compliance
policy” that to be slammed with a “willful neglect or disregard”
blemish for not having even started one. Ours at Integra undergoes
edits and modifications from time to time, and that’s okay!
What can we do for you?
• Offer professional, secure & affordable document destruction services
• Ensure you that we are committed to education & information
• Help you maintain your compliances
all heard those old phrases, “there’s no time like the present” and
“do-it now” and “get-R-done” right? Well, they really apply here! On a
personal note, I liken this project to running; it only hurts a little
in the beginning. So, let’s lace up those compliance shoes and hit the
pavement Michiana! You’ll be glad you did.
News Channel 7, Spartanburg-Greenville, NC
St. Louis Post Dispatch