Get A Quote Now!

IntelliShred QuickQuote

  • (Click button to Submit)

Top 5 Mistakes Companies Make With Handling Confidential Information

Handling Confidential Information

In today’s information age, every business should be knowledgeable about handling confidential information. No matter the industry, size or scope that the company works within, there should be comprehensive information disposal process put in place.

These are the top five mistakes companies make with handling confidential information:

MISTAKE #1 Not controlling employee access to confidential records
Whether it’s paper documents or information that is stored digitally, it’s crucial to control access to it by using passwords, firewalls and encryption. When passwords are used to control access, they should be changed on a regular basis. Although we live in a mostly digital world, some businesses still deal with a lot of hard copies. In order to safely and securely store confidential paper documents, you should have lockable storage cabinets available that are only accessed by certain employees.

MISTAKE #2: No policy in place to protect confidential records
There’s an easy way to diminish the risk of experiencing a data breach. Simply establish a policy that dictates exactly how long your business should store confidential documents or records. It’s not recommended that confidential files are kept for longer than they are needed because that could increase your company’s risk of a data breach or identity theft.

MISTAKE #3 Not properly training employees on how to handle confidential records
It’s simple – make sure your employees know what risk they could face if they don’t learn how to handle the confidential information that your company stores. It’s essential to explain why data confidentiality is so important and offer them the many ways they can protect it. Teach them how to use secure passwords, make them follow a process for secure hard drive destruction, shredding and destroying documents or information storage devices and most importantly, explain the consequences of not doing these things. It’s very practical to train your employees in-house, but you can hire professionals to help you as well.

MISTAKE #4: Using store-bought shredding machines to shred paper documents
There’s nothing that compares to the efficiency and accuracy of a professional shredding service. Store-bought shredding machines are not equipped to handle large volumes of paper at one time and before you shred, you must remove staples and paper clips. These machines also require constant maintenance because they frequently jam and break down.

MISTAKE #5: Not hiring a professional shredding company
Hiring a professional shredding company for the disposal of confidential information is the best solution. It’s important to choose a vendor with a strong reputation and good references that is certified by the National Association of Information Destruction (NAID). They should have received proper AAA certification, which proves they are working within the highest ethical and professional standards.

Hiring a professional shredding company will give you the peace of mind that you’ve properly protected the confidential information you store. IntelliShred provides full-service document shredding and destruction on site, and offers daily, weekly, monthly, service packages. We can help you protect your business – contact us today to learn more about our services.

HIPAA Updates

HIPAA, the Health Insurance Portability and Accountability Act, was signed into law in 1996. It was created to help safeguard confidential information, stored within companies, from getting into the wrong hands. There are always updates to these important regulations and it’s necessary for companies to understand what changes have been made in order to continue to protect themselves against theft.

In order to maintain HIPAA compliance, companies that store protected health information (PHI) must have a process in place to cover the security of that information. More specifically, covered entities (individuals or businesses that provide treatment, payment, and healthcare operations) and business associates (anyone who has access to confidential patient information) must meet HIPAA compliance.

In the past, there have been some major HIPAA updates since it was signed into law, but as of 2019, there are issues that must be reviewed and changed. HIPAA updates are handled by the Department of Health and Human Services (HHS) will usually seek feedback on aspects of HIPAA regulations which are problematic or, due to changes in technologies or practices, are no longer important.

When the HHS has considered the issues at hand, they submit a notice of proposed rulemaking followed by a comment period. The comments are collected from healthcare industry stakeholders and must be considered before a final rule change occurs. HIPAA-covered businesses are given a grace period to make the necessary changes and become compliant, before the regulation updates are enforceable.

HIPAA laws were followed by something called the Health Information Technology for Economic and Clinical Health (HITECH) Act. This Act specifically addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.

As we are in the midst of a digital age, and most health care providers and other entities dealing with PHI have moved to computerized operations. While digital records are more effective, efficient and more flexibility, they also drastically increase the security risks facing healthcare data.

The Security Rule is in place to protect the privacy of individuals’ health information, while at the same time allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. The Security Rule allows a covered entity to implement policies, procedures, and technologies that are suited to the entity’s size, organizational structure, and risks to patients’ and consumers’ e-PHI.

Implementing HIPAA updates places a significant burden on covered entities and considerable time and effort was required to introduce new policies and procedures to ensure continued compliance.

There have been some issues with HIPAA due to advances in technology and significant changes in working practices. The government has issued HIPAA guidelines to clear up any misunderstandings with HIPAA compliance requirements.

Whatever volume of shredded material your business generates, an experienced professional shredding service will set a schedule to collect and shred it onsite at your premises. Documents should be shredded in accordance with NAID AAA standards and a Certificate of Destruction will verify the process has been completed correctly.

IntelliShred has had years of success with handling professional shredding for a variety of businesses. We are able to provide you with efficient and secure shredding services for paper and even digital media storage devices. Contact us today for answers to all of your shredding questions

Safeguard Confidential Information

There are many ways businesses can reduce the risk of facing information theft and security breaches. One of the easiest preventive measures to implement is a routine schedule of the destruction of documents to shred and other information storage devices. It’s essential to hire a professional paper shredding company in order to safeguard confidential information.

There are daily reports of fraud, theft and hacking these days, and today’s companies both large and small are definite targets. Most recently, thieves have executed increasingly complex attacks, threatening businesses worldwide. When that happens to a business and their brand, there could be irreparable damage, revenue loss, hefty fines, and even legal action.

According to the Computer Security Institute and the FBI, data theft is growing at more than 650% over the past three years. There are government regulations like the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act. These laws were put in place to help protect companies from fraud and theft.

It’s necessary to have a comprehensive Digital Defense strategy in place, and it’s clear that part of your strategy should include the shredding and destruction of your digital media storage devices. If your company is going to shield itself, it’s best to be proactive against the current threats.

Hiring a shredding and destruction service is the one of the most secure ways to safeguard confidential information to ensure it doesn’t fall into the wrong hands. Regardless of size, industry or specialty, any business can benefit from hiring a professional paper shredding company to help protect valuable data.

It’s also more efficient and more productive – much better than paying your staff overtime to complete the task. The average U.S. office worker uses approximately one sheet of paper every 12 minutes and disposes of roughly 100 – 200 pounds of paper every year. Think of how much time is saved if a professional shredding service is used. When you outsource the job, your employees have more time to focus on more important work.

When you hire a professional shredding service, they should be able to offer the convenience, flexibility affordability and security you are searching for. Mobile shredding trucks make it easy by coming directly to your business to shred on premises. Every service should offer to haul your shredded or destroyed items away and provide you with a Certificate of Destruction, proving that everything was safely destroyed. The shredding and destruction process should also involve security cameras, monitors and other specialized equipment to ensure that everything is handled securely.

Whatever volume of shredded material your business generates, an experienced professional shredding service will make it easy for you to safeguard confidential information. Documents and digital media storage devices should always be shredded in accordance with NAID AAA standards – make sure that the service you hire has met and exceeded these standards.

At IntelliShred, we are certified and have a team of experts ready to handle whatever shredding job you have. We’ve had years of success in helping our customers with professional shredding and destruction services. Contact us today to learn more about how we can help you safeguard confidential information.

Theft Of Confidential Information

Today there are many different threats a business could face – but the costliest threat is theft of confidential information. Here are four steps you can take to protect your company and its sensitive data:

Step #1: Monitor how confidential information is handled and stored
It’s most ideal when companies categorize types of confidential information. By doing this, it’s helpful to prioritize what data to secure first. Customer information systems or employee record systems can safely contain Social Security numbers, account numbers, identification numbers, and other types of sensitive information need to be protected. Securing unstructured information such as contracts, financial releases and customer correspondence is an important next step that should be rolled out on a departmental basis.

Step #2: Perform regular risk assessments
It’s wise for companies to put procedures in place that will help them assess risk and prevent employee theft. Monitoring confidential information across all the major company departments must be a regular occurrence. However, finding the source of a breach may require more in-depth investigation.

Ask the following questions during the risk assessment process:

  • Which employees/staff members have access to this confidential information?
  • How has the confidential information been modified, processed or distributed by them?
  • Is there an area/place where this confidential information could be put at risk?

When companies take the time to analyze how confidential information flows within their company, they can quickly determine which identify vulnerabilities may exist.

Step #3: Create, modify and manage access, usage and distribution policies for confidential information
Upon results from a regular risk assessment, companies can create better, more comprehensive distribution policies for their confidential information. It could be modifications to who can access the confidential information, when it’s accessible (a certain time period), and what type of disciplinary actions will occur for violations of these policies. Once these information distribution policies are defined, it’s essential to also implement monitoring and enforcement of all communication paths.

Step #4: Establish a fail-safe enforcement system
Companies should always implement ways in which they can monitor the handling of confidential information. There should be ways to monitor information usage and traffic, while verifying compliance with distribution policies along the way. Employees and staff should be made aware of the enforcement actions for violation of these policies. Monitoring systems must have flexibility and should be able to accurately identify threats, preventing theft from occurring. These monitoring systems should also contain powerful ID capabilities to stop unauthorized traffic.

It’s clear that although most companies do implement security systems, they often fail to thoroughly review incident reports that arise. It’s also easy to miss theft when you don’t extend security to every communication channel.

Keeping confidential information safe should be a long-term project instead of a one-time event. Ideally, it should demand a lot of attention, requires a way to identify sensitive data; understand and modify current business processes; determine appropriate access, build usage and distribution policies; and monitor all methods of communication. It’s apparent that the high cost of not establishing a system to safeguard your confidential information could be the beginning of the end for your business.

Don’t let theft get the best of your business! Contact IntelliShred today for help with shredding or destroying your confidential data. We’ve been in the business for over two decades and our loyal customers will tell you why they value our services.