This Web exclusive comes from Colette Raymond, Executive Vice President of Customer Service and Operations, North America, for Shred-it.
Identity thefts resulting from electronic data breaches are common in the news today. These information breaches, often at the expense of large corporations, are not only newsworthy but are under attack by law enforcement agencies world wide. So criminals are going back to their roots and gathering paper records.
Businesses large and small, including health care organizations, hotels, retailers, schools, financial companies, and even recreational facilities are vulnerable to both internal and external document security breaches. Many costly and high profile breaches are a result of confidential records simply disposed of with the trash or recycling. However, facility managers (fms) can become an ally in protecting private company information.
Often, managers have access to the personal financial and medical records of employees; the price thieves are willing to pay for that information can be very tempting. More commonly, companies opt not to shred sensitive material and simply drop it in the dumpster or recycling bin for collection, putting it in easy reach of thieves. In addition, many organizations do not have security protocols in place, so they do not securely store and/or secure destruction practices for paper documents. This makes it even easier for thieves to take boxes of sensitive material.
Some fms are taking an active role in addressing the need for secure disposal by offering access to secure document destruction services. Using a service that visits sites and shreds sensitive paper documents on a regular basis can help keep private information out of the hands of identity thieves.
On-site document destruction services should be certified by the National Association of Information Destruction, confirming compliance with all national legislation. The service should also have strict chain-of-custody destruction processes. This is especially true if tenants include financial or healthcare companies because the Federal Government has specific regulations regarding document disposal for those two groups.
To help stay on the right side of the security equation—and the law—fms should consider implementing the following best practices:
- Start with an audit of all potential risks that may threaten the security of employee records and address those immediately.
- Examine document storage and disposal areas to ensure they are secure enough to prevent thieves from gaining access to sensitive information that might be thrown away.
- Create, implement, and verify comprehensive information security policies; ensure your business is compliant with federal and state regulations.
- Contact a secure document destruction company and discuss ways to implement their services.
Taking a proactive approach to protecting documents in storage and ensuring that any private information is kept secure is an excellent way to companies from identity theft. This simple measure also demonstrates a commitment to partnering and an understanding of the challenges facing today’s businesses. These actions could save thousands of dollars or more in federal fines and litigation, and have an immeasurable impact on a company’s reputation. Best of all, fms can take credit for being part of the solution.