It feels good to do your part for the environment – and recycling paper is one of the gold standards.
Business plays a big role considering that the average office worker in the U.S. uses 10,000 sheets of copy paper each year, according to the U.S. Environmental Protection Agency. And, we’re doing a good job. In 2010, 63.5 percent of the paper used in the U.S. was recovered for recycling. The Paper Industry Association Council says that number represents an 89 percent increase in the recovery rate since 1990.
So here’s the thing. Most of the paper sent for recycling by business should be shredded paper. Keeping customer and employee information private is the law, and that means securely disposing of sensitive documents when they’re no longer needed. Shredding paper is the most secure method.
While some document destruction companies provide recycling services too, it’s important that your documents are completely destroyed before they’re sent to a recycling facility. The worst case scenario is that they’re being sold to another company for paper revenue before they have been shredded.
Citishred has a first-class reputation and a comprehensive document destruction program. All documents will be shredded into confetti-like pieces on site at your office location in a locked area on a mobile shredding truck before they are sent for recycling. You should also receive a Document of Destruction immediately after each shred.
Tax time is a busy time not just for accountants – but for identity thieves too.
Identity thieves use sophisticated phishing scams online to gather personal information. They also find – and steal – tax returns and other sensitive documents by going through garbage containers and recycling bins.
The cost to victims of identity theft is an estimated five billion dollars per year in the U.S. Furthermore, if your identity is stolen it can be a long and frustrating process to undo all the damage.
It’s important to know which documents you have to keep and which ones you can dispose of securely.
Here’s a guide:
•Keep tax returns for four years after they are filed.
•Once you have the annual statement for taxable investments, dispose of all the monthly statements you’ve received. Document shredding is the most secure method of disposal. E-waste can be shredded too.
•Keep bank statements that back up information on tax returns for up to seven years. Otherwise, shred them.
•Destroy canceled checks after a year unless they confirm information on your tax return.
•Keep credit card statements for big purchases and charitable contributions. Otherwise, shred statements.
•Shred pay stubs after you have received payment.
•Keep records of retirement plan contributions indefinitely.
“A lot of healthcare organizations figure their mission in life is to treat people and get them well, it’s really not about patient data security,” Larry Ponemon, chairman and founder of the Ponemon Institute, told InformationWeek Healthcare.
But, of course, it is about patient data security too – and that was his point.
Ponemon was discussing the 2011 Benchmark Study on Patient Privacy and Data Security by Ponemon Institute. One of the most significant findings was that data breaches have risen by 32% in 2011compared to 2010. Most of the data breaches were due to employee mistakes and carelessness – 49% of study respondents cited lost or stolen computing devices while 41 % noted unintentional employee action.
The report estimates that data losses and security breaches cost the U.S. healthcare industry about $6.5 million.
One clear message the study sends is that healthcare organizations – like all organizations that handle sensitive information – need to increase awareness among employees about the importance of safeguarding private information.
Safeguarding means protecting sensitive information until it is no longer needed, then disposing of documents securely. Shredding confidential documents with Citishred is a secure and trusted method of destruction.
To help determine the level of awareness of document security throughout your organization and your potential risks, take this Risk Assessment Survey.
For sure, many businesses are required to keep a variety of records and documents for a minimum amount of time, usually seven years. But the answer really depends on the industry you are in and the legal requirements and privacy laws that pertain to the information. Also, laws and requirements can differ by state and country.
For organizations in the healthcare field Health Insurance Portability and Accountability Act, (HIPAA), requires appropriate safeguards to protect privacy of information for as long as you maintain records. HIPAA also requires that all patient information be properly destroyed when it is no longer needed.
Of course, the legal requirements are not only about keeping documents but also about securely disposing of them when they’re no longer needed.
Other privacy legislation including the Fair and Accurate Credit Transaction Act (FACTA) and the Personal Information Protection and Electronics Documents Act (PIPEDA) in Canada stipulate that businesses have a procedure to destroy sensitive information.
At the end of the day, what’s most important is that every business creates appropriate records retention programs that includes both retention guidelines and secure document destruction.
A shred-all policy and regularly scheduled shredding will protect information and eliminate the potential for identify theft and fraud.
Has your business ever been asked to prove that certain documents no longer exist?
It can happen… and the best way to provide proof would be to pull out an official certificate of destruction verifying exactly when and where document destruction occurred.
Of course, destroying documents that are no longer needed is a very important part of compliance with privacy rules and legislation. And, in North America, there’s a lot of them. In the United States, for example, the Health Insurance Portability and Accountability Act (HIPAA) protects a person’s privacy; the Fair and Accurate Credit Transactions Act (FACTA) protects consumers from identity theft. In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) protects personal information.
Privacy legislation, in effect, stipulates that once confidential information is no longer needed, it must be securely destroyed. Shredding documents (and e-media) is the preferred method because after documents have been shredded, they can’t be pieced back together again.
But the other important aspect of compliance that people don’t always think about is the need for documentation – of what and when sensitive documents were destroyed.
To be compliant, your business must be able to prove that documents have been destroyed.
The simplest way to do that?
Partner with a Citshred that understands privacy legislation in your industry and provides certificates of destruction each and every time it services your location. Also, be sure to keep certificates of destruction on record.
Just in case you may have to prove it one day.
How Secure is Your E-Media Disposal Process?
It would be wonderful if you could delete or erase all of the sensitive data that resides on old company computers and ensure it was gone for good.
But you can’t.
In fact, not only does that sensitive data stay on your computer, but it’s easier to recover than you would think.
MIT, for example, was able to recover 92.4%, almost all, of the sensitive information contained on disposed of hard drives; including credit card and social security numbers, medical records, emails and much more! This information had already been either deleted or erased from 158 used hard drives.
Consider that most corporate computers contain sensitive data, and almost half of businesses still stockpile their old hard drives. Add the risks that forensic software programs create and the number of security breach escalate… with the average breach costing $7.2 million!
At the same time, computer ownership continues to grow and research suggests there are over one billion personal computers in use around the world. Some people own more than one computer, and they are upgrading to newer models constantly. With improvements in processor speed, memory, etc., the average length of ownership has dropped from 8 years to 3 years. That’s a lot of computers containing sensitive personal data that need to be disposed of safely and securely.
So, how do you guarantee that sensitive data on old computers is protected and truly destroyed when it’s no longer needed?
Answer: Crushing or shredding hard drives and media is the most secure way to permanently destroy the data. When e-media is shredded and crushed, it is 100% non-recoverable. Contact us for a free quote on all your hard drive destruction needs!
Understanding your risks is your first step to better identity security for you and your customers.
Your small business is unique. You might think that, due to the smaller size of your business, it isn’t exposed to the same security risks as a Fortune 500 company. Unfortunately, a smaller company doesn’t equate to a smaller risk.
In 2010, Symantec performed a business security survey on small businesses with fewer than 100 employees. It found that 75% of small business owners are somewhat or extremely concerned about their security risk, and 42% of those surveyed have actually lost confidential or proprietary information in the past.
So what should you be doing to secure your company? While it’s important to devote time and resources to securing your technology and protecting your business from cyber threats, you also need to be aware of how to reduce physical risks with your confidential paperwork.
Here’s a checklist to help you get started:
•Train employees about what type of paperwork has confidential information.
•Limit access to areas where confidential documents are stored.
•Understand compliance legislation and document retention policies that pertain to your industry.
•Use citishred to destroy confidential documents once they are no longer needed.
By following these tips, you’ll be taking important steps to protect your company’s confidential information.
Remember all of our Quotes are 100% free and we don’t recieve payment until we’ve professionally destroyed your data or documunts. Twice a year Citishred offers a free shred day for some of our local municipalities, contact us for our next FREE shred day!
It’s an established security practice that shredding documents is the best way to destroy confidential paperwork and materials. But did you know that how you shred your documents is equally important? While you may think the paper shredder you bought from the local office supply store is keeping you secure, it might not be cutting it…literally.
Here are some key points to consider when evaluating shredding equipment:
•Type of cut. Home office shredders typically shred documents in vertical strips. This cut is substantially less secure than a crosscut or confetti shred.
•Office materials. Some lower-quality shredders cannot accommodate paper clips, staples or bound documents so your employees must take the time to prep each document prior to shredding.
•Multimedia. Credit cards, CDs, hard drives and computer disks must be shredded to maintain security and a less expensive shredder usually doesn’t have the power to shred these tougher materials.
•Capacity. Budget shredders can’t handle multiple sheets of paper at once or have a low capacity – meaning it could take a while to shred a large document.
•Longevity. An inexpensive shredder is likely to fail under the usage demands of an office because most units simply weren’t designed for that type of wear and tear.
Considering the limitations of a common office shredder and the time and expense associated with operating and maintaining it, a budget shredder may not be saving you money. More importantly, if your shredder isn’t destroying materials in such a way that makes them impossible to reconstruct, your company’s reputation and information security could be at risk.
We’ve heard common questions and concerns regarding document shredding, and whether or not it’s a necessity for businesses today. We’ve summarized our responses to those common questions below to debunk those myths.
Four common document shredding myths:
1.No one looks through my trash so why would I shred? You might be surprised to learn that combing through trash or dumpster diving is a routine activity for many thieves, and it is considered so profitable, it’s been a tactic for some organized crime rings.
2.I store my records securely so I don’t need to shred. While securely storing your records is a sound security practice, both the United States and Canada have laws that mandate how long businesses should retain records before destroying them.
3.You can’t recycle shredded paper. Shredded paper can indeed be recycled and used for a variety of consumer products.
4.My company is too small for a shredding service. Considering a 2010 EPA report found the average office worker uses 10,000 sheets of paper per year; your office is creating more paperwork and waste than you’d imagine.
Armed with a better understanding of these myths, you can begin to separate fact from fiction to better tackle your document shredding solution.
© Copyright CitiShred 2011
9242 Clayton Road Saint Louis, Missouri 63124
