SELECTSHRED | MOBILE SHREDDING COMPANY SERVICING PALM BEACH AND THE TREASURE COAST

SELECTSHRED-MEDICAL FACILITIES SHOULD THINK TWICE ABOUT DISCARDING WHOLE OR SHREDDED MEDICAL RECORDS IN TRASH BINS OR RECYCLE BINS

It is hard to believe with all the media attention and heightened awareness that medical facilities would still put patient information in whole or shredded form in the trash or recycle bin where it can be seen and accessed by the wrong hands. Just because you have been doing it that way for many years (shredding in-house or recycling) and nothing bad has happened does not mean it won’t happen. A medical office manager said that she did not believe in dumpster divers because who would have that much time on their hands, but some people do have the time if they think the rewards will be great enough. Some medical personnel think they are doing a good deed to have a friend, family member, or student shred patient confidential information but the risks are too great for your facility if an information security breach were ever alleged and you do not have documentation on record such as a certificate of destruction. The Health Insurance Portability and Accountability Act (HIPAA) can impose penalties of $100 per violation and up to an annual maximum of $1.5 million. Facilities are more likely to face fines and penalties if a HIPAA compliant program is not in place. The routine use of a NAID AAA certified on-site shredding company to destroy patients’ confidential information is an added layer of HIPAA compliance.

Unfortunately, many small medical offices, including dentists’ offices, believe they are too small to use a shredding service and that the office shredder will suffice. Due to the awareness of identity theft, concerned citizens are reporting directly to law enforcement whenever they see medical records in the trash.

http://www.gazettetimes.com/news/local/samaritan-deems-medical-records-found-in-recycle-bin-an-isolated/article_7f58f2e2-f96f-11e2-85a3-001a4bcf887a.html

On the other hand, the criminal-minded sees the opportunity that can come from having access to names, addresses, birthdates, diagnoses, and social security numbers. A Federal Trade Commission (FTC) report on medical identity theft stated that a thief may use patient names or health insurance numbers to see a doctor, get prescription drugs, file claims with insurance providers, or get other care. The FTC also said that if the thief’s health information is mixed with a patient’s information, the patient’s treatment, insurance and payment records, and credit report may be affected.

For all the various types of medical facilities from, Fort Pierce, Port St. Lucie, Stuart, Palm City, Jensen Beach, Rio, Hobe Sound, Port Salerno, Sewall’s Point, Jupiter, North Palm Beach, Jupiter Island, West Palm Beach, and Palm Beach Gardens, remember that no facility is too small to use a third party vendor to destroy its confidential documents because the risks are too great not to do so.

Richard & Gloria Kinkead

SelectShred, Inc.

T: (772) 463-3166

info@selectshred.com

MEDIA RELEASE

For Immediate Release

SELECTSHRED OFFERS TIPS

TO AVOID IDENTITY THEFT, FINES AND PENALTIES

OVER IMPROPER DESTRUCTION AND DISPOSAL OF CONFIDENTIAL DOCUMENTS

STUART, Florida/October 22, 2013 – The experts at SelectShred, Inc., a locally owned and operated company that provides secure on-site document shredding and on-site hard drive destruction service throughout Palm Beach, Martin, St. Lucie, Indian River, and Okeechobee Counties, say this is the time of the year to reassess your compliance with a variety of regulations on document security. Especially if your business is in or related to healthcare, government operations, and financial services, or if your business uses consumer credit information.

“Today, everyone is aware of the significant impact identity theft can have on personal finances. However, with changing laws and regulations related to identity theft, many businesses are not aware of their liability should they be connected, even inadvertently, to identity theft,” said Richard Kinkead, co-founder, SelectShred, Inc.  According to the U.S. Federal Trade Commission, identity theft has become the world’s fastest-growing crime.

Three major laws and the liabilities of identity theft are forcing a number of businesses to reassess the way they handle and discard sensitive documents. The penalties associated with violations of the Health Insurance Portability and Accountability Act (HIPAA), Fair and Accurate Credit Transactions Act (FACTA), and the Gramm-Leach-Bliley Act (GLBA) are significant and affect a wide range of business practices.

“Lawyers, banks and financial services, all health care providers and, in some cases, even the vendors who service those types of businesses, face liability costs, civil fines, and monetary penalties. For example, HIPAA penalties can be $100 per violation and up to an annual maximum of $1.5 million,” added Kinkead. “Criminal penalties are also possible up to $50,000 and one year in prison for obtaining or disclosing protected health information. That includes a practice, business, or business owner who simply tosses whole records or reconstructable shredded records into a trash bin or a recycling bin,” noted Kinkead.

SelectShred offers the following tips to make sure your business is not setting up a scenario for fines and imprisonment for failing to properly destroy sensitive documents and media, including computer hard drives and copier hard drives.

Always use a National Association for Information Destruction (NAID) AAA Certified on-site/mobile shredding service and shred the following:

• All accounting and financial documentation
• All customer support documentation
• All human resource documentation
• All sales and marketing documentation
• All operations and technical support documentation
• Any material that includes your company name or customer information
  • All correspondence such as memos, letters, business cards, credit card information
• All e-mails and fax correspondence
  • Reports, records, files, studies, analyses, bids, budgets, forecasts, blueprints, associated files and records, support and training material, diskettes, videotapes, CDs, microfiche, transparencies, photos, carbon paper, etc.
• Proprietary business information.

Remember, if your business is a hospital or medical practice, protected health information (PHI) should be shredded. This includes:

• IV bag label with patient’s name and name of drug
• Daily patient lists maintained by floor nurses
• Drug vials and prescriptions
• Databases used in research labs
• Billing information
• Registration records
• Lab reports
• EKGs, EEGs, and other medical device printouts
• MRI and Radiology film and/digital prints
• Ultrasound reports

“It is important that business owners and managers know recycling documents is not secure document destruction because the ‘chain of custody’ is broken. You cannot guarantee what leaves your business for recycling is actually destroyed. Shred onsite first – then recycle,” said Kinkead.

SelectShred’s professional onsite shredding approach ensures that documents are destroyed before leaving the client’s site.  This eliminates the potential liability for those documents as well as the need to further monitor discarded confidential information. Most document security experts suggest that companies that use haul-away shredding services – including recycling companies – face increased risk and liability.

“Even self-shredding (the practice of using office shredders) cannot produce the same level of security as professional on-site document destruction. Also, supporting documentation is critical for demonstrating best business practices and for showing that reasonable measures were taken should a company experience an alleged information security breach in the future and face penalties, fines, or prosecution” concluded Kinkead.

For a free analysis of your information breach liability and to identify red flags, contact SelectShred, Inc. today. SelectShred, Inc. is a locally owned and operated company that provides secure on-site document shredding and on-site hard drive destruction service throughout Palm Beach, Martin, St. Lucie, Indian River, and Okeechobee Counties. SelectShred staff is committed to providing quality mobile document destruction service and superb customer service. SelectShred issues a Certificate of Destruction for your compliance records following every service. This certificate documents that you have a compliant and secure document destruction program in place.

SelectShred can provide assistance in reviewing and preparing written document destruction policies and procedures, as well as assist in staff training for your secure document destruction program. For more information call (772) 463-3166 or visit the SelectShred website at www.SelectShred.com. SelectShred – Protecting People and Preserving the Environment.

# # #

SELECTSHRED | MOBILE SHREDDING COMPANY SERVICING PALM BEACH AND THE TREASURE COAST

SELECTSHRED-FOR SECURE DOCUMENT DESTRUCTION, SHREDDING AND RECYCLING ARE NOT THE SAME

Everyone wants to be green and it’s a good thing. However, when it comes to making sure that you are compliant with the federal laws and regulations that govern your industry and when you are charged with fulfilling the obligations of safeguarding the confidential information in your custody, you should destroy first and then recycle. For all the businesses and individuals on the Treasure Coast and in the Palm Beaches, the word of warning is shred first―then recycle. Recycling without first destroying confidential media is not a secure method of disposing of confidential information and renders a business vulnerable to the liabilities and penalties of information security breaches.

Businesses are required and obligated by laws and regulations(Health Insurance Portability and Accountability Act-HIPAA, Fair and Accurate Credit Transactions Act-FACTA, Gramm-Leach-Bliley Act-GLBA) to destroy and dispose securely of confidential information to reduce the risk of consumer fraud and identity theft. Shredding is the most common acceptable method of destruction and is considered as taking reasonable measures to protect against unauthorized access to or use of information when it is disposed. Material sent for recycling is often manually sorted in usable and intact form, rendering that confidential information vulnerable to misuse. Recycling also provides no documentation that confidential information has been securely destroyed.

The practice of using recycling as a method of discarding confidential information will not provide appropriate legal protection in case of an information security breach. Recycling will not provide a certificate of destruction but an on-site third party shredding service will provide a certificate of destruction and prove that a business took all reasonable measures to avoid an information security breach and will also provide appropriate legal protection. Don’t let sensitive information get into the wrong hands. Recycling can present the same vulnerabilities as putting confidential information in the trash.

To everyone in Port St. Lucie, Fort Pierce, Stuart, Palm City, Jensen Beach, Rio, Hobe Sound, Port Salerno, Sewall’s Point, Jupiter, North Palm Beach, Jupiter Island, West Palm Beach, and Palm Beach Gardens, remember you are still green when you shred first with a reputable, responsible mobile shredding service because all shredded materials are recycled into new paper products.

Richard & Gloria Kinkead

SelectShred, Inc.

T: (772) 463-3166

info@selectshred.com