5 Reasons Data Protection Is More Important Than Ever for Your Business Today

Why is privacy important to your business? 

Your business has as much as a 25% chance of experiencing a data breach. That’s according to a report by IBM released in 2017. The best course of action is to assume your business will experience a data breach. At the very least, you must assume that you’ll be attacked in some fashion.

Here are five reasons to take business data protection seriously:

1. The Threat is Constant

Today, it’s almost impossible to completely avoid hackers. The Hollywood version of a hacker sitting in a dark room trying to guess a password is inaccurate. Hackers have an advanced arsenal of malware, automation, and social engineering tools at their disposal.

Automated bots crawl the web every day looking for vulnerabilities in websites. Phishing scams are constant. Chances are, your email provider has filtered out numerous possible phishing emails this month alone. Create a “Zero Trust” culture at your business to stay protected.

2. Data Breaches Are More Expensive Than Ever

Data breaches can cost businesses millions of dollars. Large companies can sometimes absorb these expenses but it damages their reputation and puts clients sensitive information at risk. For smaller businesses, a data breach can lead to business failure.

Malware, like ransomware, can lock your data until you pay a large fee. Other data breaches could lead to a loss of customers or disruptions to your operations.

3. Hackers are Getting Smarter

81% of all data breaches exploit privileged access to data. That means hackers find a way into your system by gaining one of your employee’s credentials. There are indirect ways hackers can gain this information. If one of your employees uses the same login information for all their personal and professional accounts, a data breach elsewhere could compromise your own system.

It’s common for scammers to trick people to open emails and click on malicious links. All they’d need to do is find someone from your leadership team on LinkedIn, create a phony email profile, then email one of your employees posing as their boss.

4. Data Is Important to Your Business

Data helps you optimize your operations and maintain accurate records. It can also help you serve customers more effectively. Data gives you a competitive advantage. And it’s a necessary tool in today’s business environment. But not all data is useful. Some of it gets old or becomes obsolete.

Delete obsolete data periodically to protect your business. If you have printed records that are no longer useful, you should shred and dispose of them offsite.

5. Your Reputation Depends on Data Security

If you’ve followed any of the high-profile data breaches in the news, you know this already. A data breach can do long-term damage to your company’s reputation. This is especially true when customer data is involved. If you keep customer data, your customers are trusting you to keep it safe. They also trust you to dispose of it safely when you no longer need it.

Why Is Privacy Important to Your Business?

If you have a small business, you may be asking yourself, “Why is privacy important?” Don’t assume you’re safe from hackers because you aren’t a global enterprise. Take steps now to implement business data protection across your company now.

Do you have a business in the Fort Wayne area of Indiana? Federal Records Management & Shredding can help you keep all your records safe. Contact us today to learn what you can do to protect your data and destroy records responsibly.

5 Things Healthcare Businesses Should Know About HIPAA Compliance

Any business or organization that comes into contact with protected health information needs to make sure that they are within HIPAA compliance guidelines. U.S. Department of Health and Human Services has strict rules when it comes to people who deal with protected health information (PHI). This in conjunction with the increase in data breaches might have you feeling a bit overwhelmed.

But don’t worry, being HIPPA compliant won’t reduce your company’s efficiency and if you follow the list we’ve compiled, it won’t be hard either. We’ll start by explaining the rule then give you tips on how to stay compliant.

Privacy

The privacy rule deals with who is allowed access to the PHI. You need to make sure that your client’s information is protected. Managing the records is one of the most important parts to make sure the PHI stays protected. An easy way to do this is to delegate a person, to be responsible for this policy. They should train everyone on the policy and have the ability to implement consequences if the policy is broken. Your policy should be stricter than the HIPPA guidelines, this leaves a safeguard between your policy and breaking the law.

Security

There are three parts to the security of PHI. You need technological safeguards, along with physical and administrative safeguards.

1. Technological safeguards have to to with the actual technology that stores the PHI. You need to make sure that each of your clients has a name or ID number that’s unique to them. You also need to make sure IT has it set up that the programs you use will automatically sign the users out due to inactivity.

2. Physical safeguards are put in place to make sure only the right people have access to the PHI.This includes making sure that there are theft deterrents. When disposing of the devices you need to make sure to do it in a way that people who are looking to get there hands on PHI can’t get to it.

If you are worried about your policy for getting rid of the devices, you can always contact a company like ours.

3. Administrative safeguards are the things you can do to make sure you give are acting within HIPAA compliance. Make sure that you are doing risk assessments every few months to see where you might be vulnerable. You need to also monitor your employees to make sure the policies are being followed.

Enforcement

Violations can get costly. You want to avoid getting hit with expensive fines by making sure information is used only for what it is intended for. Giving your clients the ability to access their own information is also important, just make sure you have the technical safeguards.

Breach Notification

If there is a breach you need to notify HHS and your clients within 60 days. They will need to know what was breached, where it happened and what the damages could possibly be.

Have Written Policies

HIPPA audits can happen at any time. One of the best ways to make sure that you are prepared for this is to have written policies in place.

HIPAA Compliance

You don’t have a choice to be within HIPAA compliance guidelines. But it doesn’t have to be a pain to manage either. If you still need more help after reading our list, contact us.

How To Avoid Hackers Getting Into Your Information

With more than 30,000 websites hacked into every day, you need to take protection against hackers seriously. However, remember that hackers don’t always have to go online to steal data and personal information. They can also access old paper documents and statements.

Read on to learn how to avoid hackers and understand where you can go for professional assistance with blocking hackers and data thieves wherever they are.

1. Pick the Right Passwords

One of the basics of knowing how to avoid hackers? Make sure that you’ve implemented a strong password strategy. Things like “pass” or “letmein” are no longer going to cut it. You should also refrain from using personal information, like a pet or child’s name, in your password. These are all easily guessed.

Instead, focus on choosing a random string of letters, numbers, and special characters. Include both upper and lowercase letters. Additionally, make sure that you never use the same passwords for multiple accounts.

Finally, we suggest that you update your passwords at least once or twice a year. This way, you’ll always keep the hackers guessing.

2. Shred Old Documents

Want to learn how to stop hackers? Start by understanding that online-only protection is no longer enough. Especially if you work in a federal agency, medical, or financial world, you need to make sure that paper documents are protected as well.

One way to do this is by investing in professional, offsite document shredding services. This way, you can be certain that all of your documents are completely destroyed and that they never fall into the wrong hands.

Remember, criminals can and do go through trash cans. So, offsite services are much more effective. After all, if hackers don’t even know where to go to find your old documents, then they won’t have even a shot at getting a hold of your company or personal information.

Now that’s what we call an effective way to approach protection against hackers.

3. Get Serious about Site Security

We know that you can do a lot with your company website. You may use it to store customer data. In short, it’s the face of your business. That’s why you need to protect it — and, by extension, your company’s reputation.

Make sure that you always run software, plugin, and general website updates as soon as possible. Encrypt your website data, and frequently scan your login attempts for suspicious activity.

You may even consider working with a professional hosting platform or cloud-based server. These not only provide 24/7 site monitoring, they also make frequent backups of your website.

The Best Way to Learn How to Avoid Hackers? Records Management

So far in this post, we’ve taught you how to avoid hackers through things like offsite shredding services and website security.

However, in order to truly succeed at blockers hackers, you may need the help of professional records management services. That’s where we come in.

Records management helps ensure that you always have the proper documents on hand in the event of an audit. Records management software helps you to know where these records are at all times. It also helps with properly getting rid of sensitive information stored in your documents, whether paper or electronic.

Spend some time on our website to learn more about how we identify, prevent, and mitigate threats to your customer information, personal data, and more.

Reach out to us when you’re ready to get the best protection against hackers.

The HIPAA, FACTA, and GLBA: What Are They and How do They Affect You?

In the past ten years, we’ve discovered how valuable personal data is. That realization came with a lot of changes and acts being signed into law. Some of those include HIPAA, FACTA, and GLBA – all reinforced or revisited by Congress in the last ten years. But what do these random arrangements of letters mean?

We’ve got your Guide below.

HIPAA

HIPAA is an acronym for a privacy-related health care coverage act. It stands for Health Insurance Portability and Accountability Act and initially passed Congress in 1996.

It requires health clinics, hospitals, and medical insurance companies to be more discrete with client information. For example, under HIPAA, a doctor can’t discuss a case outside of work with any identifying factors. These can be names, age, race, gender and a long list of others that could cause another person’s privacy to be disturbed.

It also grants patients the rights to always see their medical records and correct anything as needed.

Under HIPAA, the following information is protected:

  • Your medical records
  • Any conversations or notes between you and a doctor
  • Your billing information
  • The way your data is stored
  • Billing information

HIPAA is the reason you fill out the same form every time you visit the doctor, even if you’ve just been there. That’s your avenue to make any record-related changes.

FACTA

Another acronym, FACTA stands for the Fair and Accurate Credit Transitions Act. It’s an add on the previously-created Fair Credit Reporting Act. The government added FACTA to FCRA in 2003, when we began to understand the depth of identity theft.

Under FACTA, consumers have access to:

  • Free credit reports
  • Increased fraud alerts
  • Activity alerts
  • Truncation requirements (no full card #s on receipts)
  • Victim Information and Help
  • Collection agency reporting of identity theft
  • Red flag alerts for creditors
  • Proper disposal of consumer information

Yes, it’s FACTA’s fault that you have to sometimes sign in from two devices or answer a bank phone call confirming charges. As annoying as this can be, it’s keeping you safe and protecting your money.

As a business, FACTA means that you have to be more alert about company finances. If you run a background check on potential employees including a credit check, they have the right to see the results.

Your accountant is well versed in FACTA, so don’t feel shy about asking any questions.

GLBA

The GLBA is less talked about than the above acts, but you’ve probably signed a few GLBA agreements recently. GLBA stands for the Gramm-Leach-Bliley Act and requires financial institutions to tell customers how they’ll use their data.

It builds on the other two in this article nicely. GLBA requires:

  • Financial institutions to explain their data-sharing
  • Institutions to inform customers of their right to opt out
  • Institutions to code client information in a non-identifying way if shared with third parties.

As a business, this means you’ll need to make sure you’re not sharing identities if you’re sharing information. You can’t tell a third party that the Millers have $20,000 in student debt, but you can give them a non-identifying category.

HIPAA, FACTA, and GLBA

Behind all of these seemingly-complicated rules is the government trying to protect consumers rights to privacy. Whether you agree with the policies or not, that’s their intention.

5 Ways to Avoid Customer Data Theft

Data breaches continue to climb as thieves and hackers get better at breaking into secure networks. In 2017 alone, a record 179 million records were exposed. It’s enough to make any consumer – and business – nervous. What can be done about the onslaught on your company’s secure information?

First things first – you need to prioritize your security. Do you think your company is doing everything in its power to protect its valuable data? Don’t panic – you don’t have to be an IT genius to protect your system. With these next five tips and tricks, we’ll show you how to make sure your customer data stays safe.

1. Keep Up With Encryption

Hacking is the most common way companies’ data gets stolen. The majority of all data breaches is usually from hacking. There’s one great way to prevent hackers from getting in: encryption. While it’s easy enough to install, you will lose out if you have a “set it and forget it” attitude.

Encryption is always changing. Make sure your systems are up to date at all times to prevent the latest methods of attack from stealing your data.

2. Ensure Proper Disposal of Important Customer Data

We have a tendency to want to stockpile info to save “just in case”. Then we hoard that info and eventually forget about it. The solution? Get rid of it – the right way.

First, make sure you really can get rid of the data. Then look into programs that can completely scrub computers free of any trace of it. If you have old computers that you’re getting rid of or are upgrading hardrives, don’t just scrub the data. Hackers can still retrieve information from scrubbed hard drives. Instead, destroy the hard drives to be sure that your customer’s information can not be retrieved.

Got a lot of paper records? Consider using a shredding service.

3. Lock Down Your Network

Are you transmitting customer data over unsafe channels? If so, anyone can intercept the information.

Here’s what to do:

  • Secure and encrypt your WiFi
  • Make sure you have a strong firewall in place
  • Only allow remote access through a vetted Virtual Private Network (VPN)

4. Use Strong Passwords

Too many people rely on ridiculous passwords like “password123” or the name of a beloved pet. These are too easy to guess and opens your network up to hackers who liked your dog’s photo on Instagram.

Two things you can do to protect your password is to use a random password generator and change the password often. Password generators come up with difficult passwords. Think about getting a secure program to remember them for you.

5. Train Your Employees

Make sure your employees know how and why you’re practicing data safety.

Have them update their passwords frequently. Make sure they understand they can’t leave laptops unattended in coffee shops if there’s sensitive information on them. Always use a secure WiFi connection.

Everyone might have to jump through a few hoops at first but it’s worth it to keep your information safe.

Keep Your Data Safe

These five tips will get you started on the road to data security. Customer data is important; you don’t want to lose your customer’s trust and with it, your business.

If you need help managing your records and documents, we’re here for you. We can help manage, store, and shred any sensitive data you have. Contact us today and let us help keep your customer information safe!

5 Reasons to Keep Your Company’s Confidential Records Safe in 2018

Government data information breaches have gained a lot of attention in the media lately, but the government isn’t the only one at risk. Private and public companies are susceptible to data leaks as well. If it hasn’t happened to you, it might be hard to imagine that it could.

The reality is, data leaks can impact any company. If your company’s confidential records aren’t properly secured, compromised data could have tremendous consequences.

The beginning of a new year is the perfect time to introduce new practices for safeguarding your most important records. Below, we’re discussing five reasons why it’s important to keep your confidential records safe. We also have recommendations on how to do that.

1. Confidential Records Help You Stay Competitive in Your Industry

No matter what industry you’re in, staying relevant over competitors is an important element of business success. If your company has trade secrets or sensitive information that helps you stay competitive, you want to protect that at all costs.

A leak of confidential records could benefit a competitor by giving them a glimpse at your practices and helping them develop a strategy to respond to that. Protecting your sensitive information is the best way to ensure you keep whatever upper hand you have.

2. Value Your Employee’s Privacy

Some data leaks expose sensitive and personal information about a company’s employees. Falling victim to that kind of leak can create an unpleasant work environment. You want to prove to current and potential employees that you value their privacy by doing what you can to keep their information safe.

3. Customers Expect Protection

From credit card information to family data, customers provide a lot of private information to the companies and businesses they work with. This is especially true of patients who provide confidential information to their medical providers.

If confidential records with customer information were to be made public, the trust your customers have in your company would be severely compromised. They may choose to take their business elsewhere, and will likely advise friends and family to do the same.

4. Your Reputation Matters

Even if you have an incredible reputation for customer service and satisfaction, one data leak is enough to change that in the public’s mind. When it comes to bad news, the public tends to have a long memory. You don’t want to be remembered for compromising their information. And you don’t want one negative situation to overshadow the good work you’ve done.

5. Protecting Data is Easy

For whatever reason, some companies may choose not to protect their sensitive information because they believe doing so would be difficult and expensive. The truth is, record management and offsite shredding services make it easy for any business to secure sensitive data.

Is there a cost associated with it? Of course. But it may be far more expensive not to protect this information, especially if a leak does occur.

Ready to Start Protecting Your Confidential Records?

In today’s increasingly technology-driven world, sensitive information stored online is vulnerable. Hackers or malicious software can do extreme damage, and ruin a company’s reputation in the meantime. But these situations are avoidable.

Protecting your records protects your customers, your employees, and, ultimately the success of your business.

Our New GPS Tracking Capability Takes Security to the Next Level

gps tracking records management

At Federal Records Management & Shredding we are constantly monitoring and adapting our services to give our customers the best and most convenient information management and document destruction services possible. We want our customers to be confident knowing their records and information have been kept secure the entire time they have been in our possession. This is why we have now equipped all of our trucks with the latest GPS tracking technology.

We have always used secure, dedicated trucks — driven by our certified employees — to both retrieve records for destruction at our facility and to deliver documents to our customers from our secure storage. The added GPS technology allows us to take this security to the next level. We can easily and reliably monitor the real-time location and route of our vehicles — and YOUR records — at all times. This also provides us with a historical record of the vehicles routes and stops. If needed, we can verify the route of specific document transmissions and confirm the exact timing of pickup and delivery.

GPS tracking also allows us to dispatch trucks more efficiently and monitor their progress without having to call the drivers for updates. And that means faster and more convenient service for our customers!

Federal Records Management & Shredding is the only records management and shredding company in Fort Wayne that has been AAA-certified by the National Association for Information Destruction. We offer secure on-site or off-site document shredding as well as document management and storage services. Contact us today at 260.267.9652 to talk with one of our specialists about our new GPS tracking feature and how our services can help your business easily meet all of its needs.

Shred Everything Policy

shred everything policy

You Can Never Be Too Careful: The Value of a “Shred Everything” Policy

Information coming in and out of your company is constantly at risk of being mishandled or stolen. Human error accounts for over 30% of the data breaches that occur in small business. Criminal “dumpster divers” are regularly hunting for personal or private information that can be found in commercial dumpsters or recycling bins. Considering the ever-increasing rates of identity-theft, as well as the increasing number of regulations to protect confidential information, it is far from prudent for any business to simply throw away documents into the trash or an open recycling bin.

There is always a chance that information can fall into the wrong hands — and that your business will be held liable.

It’s a time-consuming task to train employees which documents should be shredded. It also takes time from already busy schedules to force staff to walk to the office shredder and shred documents themselves.

Federal Records Management & Shredding suggests you simplify this task (and protect your business and save time and effort!). How? Direct everyone to assume that all paperwork is sensitive and should never go in the trash. Install our secure shredder containers and implement a “Shred Everything” policy.

Shred Everything policies are becoming the norm for businesses small and large. The benefits include:

  • document disposal is simplified
  • confidential information is protected
  • employees are easily trained
  • risk of information breaches is reduced
  • risk of regulatory non-compliance is reduced
  • paper is recycled (after shredding at the secure facility) instead of going into the waste stream or landfills

Tips for implementing a Shred Everything policy

  • make it simple
  • work with a licensed information destruction company such as Federal Records Management & Shredding to install appropriate bins and establish a destruction schedule
  • educate staff about the importance of the Shred Everything policy
  • allow an adjustment period then begin regular security assessments (i.e. checking copiers, faxes, and trash cans for stray documents)

Federal Records Management & Shredding in Fort Wayne is a NSAID AAA Certified document destruction facility. We protect all documents from the time they enter our secure shredding boxes, through being shredded at our secure facility, until they are received at the paper recycling company. We stay on top of compliance regulations to help you protect your business, your employees, and your clients. Call us today at (260) 267-9652 to learn how our easy-to-use — and economical! — procedures can keep you and your business safe from information breaches.

How to Protect Yourself From Identity Theft

how to protect yourself from identity theft

Identity Theft: Beyond Shredding — What You Should Know to Protect Yourself

According to the Federal Trade Commission, 9 million Americans are victims of identity theft each year. Identity theft means that someone has illegally obtained personal information — such as Social Security Number, credit card data, etc. — and is using that information to commit fraud or other crimes. Restoring your credit and clearing your name after your identity has been stolen can be an arduous and time-consumer task.

Don’t put yourself (or your clients or employees) at risk. Follow these guidelines to help minimize your risk of becoming a victim of identity theft.

Guard online information

Nowadays, many of us do everything from shopping, banking, paying bills, watching TV, and listening to music online. Using the same username and password for each account makes it easy for someone to gain access to accounts and sensitive information.

  • use strong passwords and change them (and usernames, too) on a monthly basis
  • never send credit card numbers, social security numbers, bank account numbers, or other personal information via email
  • be alert to “phishing”: when emails or pop-ups appear to be legitimate banks or businesses asking for personal information; if you did not initiate the contact, do not provide any information electronically
  • keep anti-virus software up to date.
  • shop online only on secure websites — an image of a lock should appear at the bottom of your browser or look for “https” in the address bar
  • pay for online purchases with a credit card which has better protection guarantees than debit cards or online payment from checking accounts
  • limit who can access your social networking sites and never post your full name, address, or phone number

Monitor your financial statements and accounts

Checking your bank accounts  and credit card statements on a regular basis will let you know immediately if there is suspicious activity.

  • monitor bank and credit card statements and report anything suspicious to the bank or credit card company immediately
  • check your credit report — by law, you are entitled to a free report every year from each of the three companies (request your copy here)

Daily Life

  • keep your mail secure by emptying your mailbox quickly or putting a lock on it; mail bill payments from the post office or a secure mailbox
  • if you will be traveling, request a vacation hold on your mail from the USPS
  • limit what you carry with you: don’t carry your social security card, and take only those credit cards or debit card that you need for that trip
  • tear the labels off of prescription bottles before you dispose of them
  • be very wary of telephone scams: never give out personal information to telemarketers
  • keep your financial documents and records in a safe at your home; lock your purse or wallet up when at work
  • keep your laptop password protected
  • before you dispose of a computer or mobile device, remove the hard drive and have it destroyed.
  • report suspicions of identity theft to www.identitytheft.gov

Shred sensitive documents

Regularly shred bank statements, credit card statements and applications, bills, and anything containing your personal information instead of throwing it into the trash or recycling. Junk mail often includes some of your personal details.

For your personal or business needs, talk to the experts at Federal Records Management and Shredding about our completely secure storage and paper shredding services to protect you, your employees, and your clients or customers. It’s a small price to pay for peace of mind.