The HIPAA, FACTA, and GLBA: What Are They and How do They Affect You?

In the past ten years, we’ve discovered how valuable personal data is. That realization came with a lot of changes and acts being signed into law. Some of those include HIPAA, FACTA, and GLBA – all reinforced or revisited by Congress in the last ten years. But what do these random arrangements of letters mean?

We’ve got your Guide below.

HIPAA

HIPAA is an acronym for a privacy-related health care coverage act. It stands for Health Insurance Portability and Accountability Act and initially passed Congress in 1996.

It requires health clinics, hospitals, and medical insurance companies to be more discrete with client information. For example, under HIPAA, a doctor can’t discuss a case outside of work with any identifying factors. These can be names, age, race, gender and a long list of others that could cause another person’s privacy to be disturbed.

It also grants patients the rights to always see their medical records and correct anything as needed.

Under HIPAA, the following information is protected:

  • Your medical records
  • Any conversations or notes between you and a doctor
  • Your billing information
  • The way your data is stored
  • Billing information

HIPAA is the reason you fill out the same form every time you visit the doctor, even if you’ve just been there. That’s your avenue to make any record-related changes.

FACTA

Another acronym, FACTA stands for the Fair and Accurate Credit Transitions Act. It’s an add on the previously-created Fair Credit Reporting Act. The government added FACTA to FCRA in 2003, when we began to understand the depth of identity theft.

Under FACTA, consumers have access to:

  • Free credit reports
  • Increased fraud alerts
  • Activity alerts
  • Truncation requirements (no full card #s on receipts)
  • Victim Information and Help
  • Collection agency reporting of identity theft
  • Red flag alerts for creditors
  • Proper disposal of consumer information

Yes, it’s FACTA’s fault that you have to sometimes sign in from two devices or answer a bank phone call confirming charges. As annoying as this can be, it’s keeping you safe and protecting your money.

As a business, FACTA means that you have to be more alert about company finances. If you run a background check on potential employees including a credit check, they have the right to see the results.

Your accountant is well versed in FACTA, so don’t feel shy about asking any questions.

GLBA

The GLBA is less talked about than the above acts, but you’ve probably signed a few GLBA agreements recently. GLBA stands for the Gramm-Leach-Bliley Act and requires financial institutions to tell customers how they’ll use their data.

It builds on the other two in this article nicely. GLBA requires:

  • Financial institutions to explain their data-sharing
  • Institutions to inform customers of their right to opt out
  • Institutions to code client information in a non-identifying way if shared with third parties.

As a business, this means you’ll need to make sure you’re not sharing identities if you’re sharing information. You can’t tell a third party that the Millers have $20,000 in student debt, but you can give them a non-identifying category.

HIPAA, FACTA, and GLBA

Behind all of these seemingly-complicated rules is the government trying to protect consumers rights to privacy. Whether you agree with the policies or not, that’s their intention.

5 Ways to Avoid Customer Data Theft

Data breaches continue to climb as thieves and hackers get better at breaking into secure networks. In 2017 alone, a record 179 million records were exposed. It’s enough to make any consumer – and business – nervous. What can be done about the onslaught on your company’s secure information?

First things first – you need to prioritize your security. Do you think your company is doing everything in its power to protect its valuable data? Don’t panic – you don’t have to be an IT genius to protect your system. With these next five tips and tricks, we’ll show you how to make sure your customer data stays safe.

1. Keep Up With Encryption

Hacking is the most common way companies’ data gets stolen. The majority of all data breaches is usually from hacking. There’s one great way to prevent hackers from getting in: encryption. While it’s easy enough to install, you will lose out if you have a “set it and forget it” attitude.

Encryption is always changing. Make sure your systems are up to date at all times to prevent the latest methods of attack from stealing your data.

2. Ensure Proper Disposal of Important Customer Data

We have a tendency to want to stockpile info to save “just in case”. Then we hoard that info and eventually forget about it. The solution? Get rid of it – the right way.

First, make sure you really can get rid of the data. Then look into programs that can completely scrub computers free of any trace of it. If you have old computers that you’re getting rid of or are upgrading hardrives, don’t just scrub the data. Hackers can still retrieve information from scrubbed hard drives. Instead, destroy the hard drives to be sure that your customer’s information can not be retrieved.

Got a lot of paper records? Consider using a shredding service.

3. Lock Down Your Network

Are you transmitting customer data over unsafe channels? If so, anyone can intercept the information.

Here’s what to do:

  • Secure and encrypt your WiFi
  • Make sure you have a strong firewall in place
  • Only allow remote access through a vetted Virtual Private Network (VPN)

4. Use Strong Passwords

Too many people rely on ridiculous passwords like “password123” or the name of a beloved pet. These are too easy to guess and opens your network up to hackers who liked your dog’s photo on Instagram.

Two things you can do to protect your password is to use a random password generator and change the password often. Password generators come up with difficult passwords. Think about getting a secure program to remember them for you.

5. Train Your Employees

Make sure your employees know how and why you’re practicing data safety.

Have them update their passwords frequently. Make sure they understand they can’t leave laptops unattended in coffee shops if there’s sensitive information on them. Always use a secure WiFi connection.

Everyone might have to jump through a few hoops at first but it’s worth it to keep your information safe.

Keep Your Data Safe

These five tips will get you started on the road to data security. Customer data is important; you don’t want to lose your customer’s trust and with it, your business.

If you need help managing your records and documents, we’re here for you. We can help manage, store, and shred any sensitive data you have. Contact us today and let us help keep your customer information safe!

The Difference Between Onsite and Offsite Shredding

Paper shredding is one of the best ways to keep your business’ sensitive data secure.

Whether it’s your information, your employees’ records, or your customers’ confidential records, you want to keep it safe. You do this through two forms of compliance: Locked and safeguarded records management and shredding.

But do you shred onsite or offsite? While you can definitely shred documents on your own, store-bought shredders don’t shred documents small enough resulting in strips which could potentially be reconstructed. Instead, trust your confidential documents to a professional shredding service.

Most shredding services offer either onsite or offsite shredding. Here, we’ll get into the key differences between offsite and onsite paper shredding, and determine which option is safer for your business.

Offsite vs. Onsite Paper Shredding

The two differences between offsite and onsite document destruction are:

  1. The location of where your documents are shredded;
  2. What materials you are shredding, as well as how often.

What the first means is that the paper shredding services bring their shredding trucks to you (onsite). Or, you can use paper shredding services that take your documents to their secure facility in their locked trucks to be shred. This depends on which company you choose, but Federal Records Managment & Shredding offers both.

The second difference deals with how much data you need to shred and how often you need documents destroyed along with how much you need to destroy. Offsite shredding services are designed to handle larger volumes. So, if you have a large number of documents that need shredded, offsite is the best choice.

Which is Best?

If you hire a shredding company with a great Better Business Bureau rating, as well as being AAA NAID certified, there’s really not a better choice. AAA certified shredding companies ensures background checks are conducted on their employees, as well as maintain HIPAA and FACTA compliance. They’re trained to be discreet and secure with your shreddable documents.

How to Find Paper Shredding Services

The easiest way to choose a paper shredding service that has both a high BBB rating and is AAA NAID certified is to use Federal Records Management & Shredding.

If your business is in Fort Wayne, no other shredding company should be considered. With free estimates and excellent service, Federal Records Management & Shredding is the ideal fit for your compliant shredding needs, both onsite and offsite. Contact us today to see how we can help you with your paper shredding services.

You need to keep your sensitive data secure. Go with a shredding service that cares about your business as much as you do.

Why an NAID Certification Is Important

When it comes to conducting business, you need to focus on keeping the company, employees, and customers safe. The best way to do this is through hiring a shredding company.

However, not just any company will do. Make sure your shredding company is NAID certified.

More than $16 billion was stolen from millions of people in identity theft cases recently. Hiring a company with NAID certification tremendously lowers this risk in your business.

Read on to learn about this certification so you can make the right decision when choosing a shredding company.

The Advantages of NAID Certification

You’ll have peace of mind about your security if you hire a shredding company that has a NAID certification. These shredding companies go to great lengths to protect their clients.

Those that have this certification must background check their employees and drivers. They also maintain HIPPA and FACTA compliance. Furthermore, they issue confidentiality agreements to all employees.

Simply put, NAID certified shredders handle your documents with discretion and professionalism. Some fields that definitely need document shredding include law firms and medical practices.

Regardless of what kind of company you own, your document shredder should be trustworthy. This certification helps guarantee that.

Choose a Shredding Company

Once you know the importance of NAID certification, you’ll want to find a company that has these credentials.

Start by verifying their certification and speaking to them one-on-one about the solutions that you need. Check out the NAID code of ethics so you know what standards these members comply with.

We would be happy to explain this process of how we’ll dispose of your documents. This way, you can decide on the services and frequency best suited for your company.

Any paper shredding company that you hire should also have high Better Business Bureau (BBB) grades. This ensures that you’re making a wise hire. In addition to their BBB standing, only hiring a shredding company that has an AAA certified logo on their website.

Take Advantage of Shredding Services

Finally, you’ll want to take it upon yourself to regularly get rid of sensitive documents.

Take advantage of professional shredding services. This not only protects your company’s security but also makes you more competitive.

Customers need to know that their safety is guaranteed, and regularly shreddings help build this trust and rapport. Your employees will also benefit since they won’t have to worry about their personal information falling into the wrong hands.

Working with a reputable shredding company is great for your reputation. When customers and employees can trust you, you’ll remain a cut above the rest.

Consider these tips and use them to get the most out of your company’s security. Visit our site to learn more about protecting your valuable information.

5 Reasons to Keep Your Company’s Confidential Records Safe in 2018

Government data information breaches have gained a lot of attention in the media lately, but the government isn’t the only one at risk. Private and public companies are susceptible to data leaks as well. If it hasn’t happened to you, it might be hard to imagine that it could.

The reality is, data leaks can impact any company. If your company’s confidential records aren’t properly secured, compromised data could have tremendous consequences.

The beginning of a new year is the perfect time to introduce new practices for safeguarding your most important records. Below, we’re discussing five reasons why it’s important to keep your confidential records safe. We also have recommendations on how to do that.

1. Confidential Records Help You Stay Competitive in Your Industry

No matter what industry you’re in, staying relevant over competitors is an important element of business success. If your company has trade secrets or sensitive information that helps you stay competitive, you want to protect that at all costs.

A leak of confidential records could benefit a competitor by giving them a glimpse at your practices and helping them develop a strategy to respond to that. Protecting your sensitive information is the best way to ensure you keep whatever upper hand you have.

2. Value Your Employee’s Privacy

Some data leaks expose sensitive and personal information about a company’s employees. Falling victim to that kind of leak can create an unpleasant work environment. You want to prove to current and potential employees that you value their privacy by doing what you can to keep their information safe.

3. Customers Expect Protection

From credit card information to family data, customers provide a lot of private information to the companies and businesses they work with. This is especially true of patients who provide confidential information to their medical providers.

If confidential records with customer information were to be made public, the trust your customers have in your company would be severely compromised. They may choose to take their business elsewhere, and will likely advise friends and family to do the same.

4. Your Reputation Matters

Even if you have an incredible reputation for customer service and satisfaction, one data leak is enough to change that in the public’s mind. When it comes to bad news, the public tends to have a long memory. You don’t want to be remembered for compromising their information. And you don’t want one negative situation to overshadow the good work you’ve done.

5. Protecting Data is Easy

For whatever reason, some companies may choose not to protect their sensitive information because they believe doing so would be difficult and expensive. The truth is, record management and offsite shredding services make it easy for any business to secure sensitive data.

Is there a cost associated with it? Of course. But it may be far more expensive not to protect this information, especially if a leak does occur.

Ready to Start Protecting Your Confidential Records?

In today’s increasingly technology-driven world, sensitive information stored online is vulnerable. Hackers or malicious software can do extreme damage, and ruin a company’s reputation in the meantime. But these situations are avoidable.

Protecting your records protects your customers, your employees, and, ultimately the success of your business.

The 12 Things that Federal Record Offers You

Looking to get your business more organized in the new year?

Did you know poor record keeping and bad accounting are two issues that cause a small business to lose money?

To help you get your business in order in 2018, here are 12 things that federal records can do to help make your business run more efficiently!

1. Federal Records Offers Peace of Mind

Knowing that important records are in safekeeping and within reach is a huge weight off the shoulders of many business owners.

You won’t have to worry about natural disasters (fires or floods), theft, or misplaced documents with a record management and offsite shredding services.

2. Compliance

Certain federal and state laws require secure management, accessibility, and destruction of company data pertaining to employee and customer privacy, for example, HIPPA compliance laws.

3. Confidentiality

Utilizing a records management service offers a level of professional confidentiality and trust that sometimes can’t be found in administrative staff, which will help you avoid a confidentiality breach.

4. Offsite Shredding

Offsite document shredding is a cost-effective way to destroy documents containing sensitive information. You’ll also save precious money and time on shredding equipment and added labor costs.

5. Serious Organization

Federal records help you gain control of your records through proper labeling and indexing.

6. Optimized Space

By storing your records offsite or in the cloud, you’ll be able to throw out messy filing cabinets and free up extra space at the office.

7. Cut Down on Costs

Speaking of office resources, you’ll be able to cut down on the time that employees spend handling documents and records, allowing them to do the jobs that they’re meant to do!

8. Efficient Record Retrieval

With federal records, accessing and retrieving the information you need is quick and easy. No more time spent digging through folders and piles of paper!

9. Increased Security

An offsite record storage facility will offer increased security such as alarm systems, fire alarms, locked cabinets, and security personnel.

10. Accurate Financial Statements

Having documents properly labeled, organized, and stored will allow a business to keep more accurate financial statements, which is crucial to tracking progress and monitoring your bottom line.

11. Storage of Important Tax Forms

Holding onto employment records and tax documents, such as W2, W4, and 1099 forms, for at least 4 years is crucial in case of an audit. Secure storage of this sensitive information can be handled by an offsite facility.

12. Expense Documentation for Tax Benefits

Speaking of taxes, records management services can help your business keep track of receipts for purchases, expense reports, and outgoing invoices.

It’s important to keep track of this kind of documentation each year when it comes time to file a tax return.

Having accurate records can save a business a lot of money in the form of tax deductions!

Get Your Business Up To Speed!

Just like the classic Christmas tune “The Twelve Days of Christmas,” Federal Records Management offers 12 immense benefits for your business.

Now is a better time than ever to get your business records organized.

If you need help getting started, let us know!

5 Ways Your Business Can Avoid a Confidentiality Breach

It seems as if every morning we wake up to news of a new confidentiality breach. And every company lives in fear that one day, it will be them.

Every business has sensitive data, but some industries are particularly high-stakes. Healthcare companies, for instance, need to know how to be HIPAA-compliant. If they don’t, they face legal penalties along with a PR nightmare.

While it seems terrifying (especially if you don’t understand data security), there’s hope.

There are many steps a business can take toward making their information more secure. If you’re getting started, these tips below are a perfect first step.

Tip #1: Prohibit the Use of Personal Emails

To an employee, it may seem harmless to send a client an email from their personal email address. But this can open quite the can of worms.

First, when an employee uses their personal email, they have that information forever. If they leave your business, you can remove their access to their company email.

But you can’t do the same for their personal email address. You can’t even know what information the employee may have in their emails.

Second, you cannot control the encryption their emails are using. Strong encryption is crucial for keeping data safe, but most personal emails are less than airtight.

Tip #2: Use the Cloud, but Use it Wisely

“The cloud” isn’t a dirty word when it comes to business record security. In fact, it makes it easy to keep ex-employees out by changing the log-in information. Make sure you’re using precautions, though.

Before you choose a cloud provider, research the security the company offers. If possible, talk to other business about their cloud providers and why they chose them.

Tip #3: Use Caution When Allowing the Use of Personal Devices

Many businesses offer employees the convenience of using their own devices like laptops. But what happens when an employee leaves? This can be a major vulnerability in your confidentiality breach prevention.

If you do choose this route, consider installing wiping software on the devices. If/when the employee leaves, you can target and remove information about the business. You can even do this remotely

Tip #4: Have a Security Checklist in Place for Employee Exits

A 2014 study found 89% of knowledge workers had access to an ex-employee’s sensitive information.

With all a modern office’s technology, it’s easy to forget an ex-employee’s access to one or two sources. To prevent this, take the time to create a comprehensive checklist. Make sure to follow the list to a tee every time an employee leaves.

Tip #5: Bring in the Confidentiality Breach Prevention Professionals

If you’re dealing with more information than your company can handle, call the experts.

If you’re concerned about your digital data, a cybersecurity consultant can help. If it’s physical documents, a records management company can keep them secure.

Whichever type of professional you need, be sure to research their own security.

Take Nothing for Granted

Business can’t keep up with all the ways their data can be compromised with today’s technology. But the bottom line is to never assume something is unbreachable.

Do a security audit to find out what holes you may need to fix and how you can improve. If you have questions about data security methods, like document shredding, record storage, or hard drive destruction, call Federal Records Management & Shredding. We’ll be happy to give you some peace of mind.

Improve Your Business’ Confidentiality With Offsite Shredding

Think business confidentiality is only for top-secret projects? Does it surprise you to know that every business has confidential documentation?

Employee and customer records, contracts, and financial statements. Every company has these documents and more. Some are confidential, and they all take up space.

What do you do when storing paper records uses up valuable space and money? How do you dispose confidential records? Developing an in-house document retention and destruction department is expensive.

Learn how offsite shredding is the best solution for businesses of all sizes, in any industry.

Focus

Document destruction isn’t as simple as having shredders. Retrieval and transfer are also important. And what happens after the paper is shredded is as important as the shredding itself.

Professionals who manage offsite shredding stay focused. They pay close attention to regulations, secure transportation, and reliable disposal.

Accountability

Records management companies will be out of business in the blink of an eye if they aren’t reliable.

Look for companies with full and current NAID AAA Certification. This National Association of Information Destruction designation helps verify a service provider’s qualifications. Certification involves testing related to transfers, offsite storage, and more.

Service providers with NAID Certification are subject to routine and surprise audits.

Objectivity of Offsite Shredding

The teams that handle offsite shredding have no interest in the content of the documents. They’re interested in the safety and security of shredding. Their job is to retrieve, destroy, and dispose records you no longer need.

When in-house staff are tasked with shredding, five things often happen:

  • They spend time reading the documentation. It’s most often driven by curiosity, not malice. Still, time is money.
  • Personal opinion can override requirements. As a result, some documents are not destroyed. This can leave the company open to risk.
  • Shredding happens when time permits, not when required.
  • Shredded document tracking is inconsistent or doesn’t happen at all.
  • Disposal of the shredded paper is casual. That’s another opening for risk.

Best Practices

Offsite shredding can give you confidence.

Professional records management companies rely on best practices to remain effective and efficient. They use best practices to manage your expired and/or confidential documents from retrieval through to disposal. Outstanding service providers build on those best practices to remain market leaders.

For example, the most progressive and security-minded companies use GPS on all retrieval vehicles. Accurate tracking and greater security during document transfer is possible with GPS.

A progressive document management company can also include recycling in the disposal process. All without compromising security.

Go with the Professional Choice

Knowing which documents to destroy and when is your responsibility. Seeking legal guidance specific to your industry is always recommended.

But once you have documents ready for storage, destruction, or both, you need a professional to do the job.

We are a full-service records management company in Fort Wayne, Indiana. We’re the only one that is locally owned & operated. We’re NAID AAA Certified and have a long list of satisfied customers.

Our dedicated team is ready to help you save time and money. We’ll keep your business free of unnecessary paper and protect confidential records.

Contact us today for a free estimate.

Offsite Record Storage: Saving Space, Time, and Money

Did an employee throw sensitive documents into the public dumpster last week?

Is there a 4-foot pile of paper next to the office shredder waiting for someone, anyone, to destroy old records?

Do you dread trips to your overloaded file room because you know it will take over an hour to find the documents you need?

If you answered yes to any (or all) of these questions, it’s time to switch your DIY record keeping to a professional off-site record storage company.

Not sure what this means? Read on to find out!

What is Offsite Record Storage and Why Do You Need It?

Privacy and security are essential in every business. Your clients want and expect their information to remain private.

Are you sure your business records are protected? Think about fires, floods, theft, security, medical regulations, legal and financial rules, and privacy.

You have a legal obligation to protect the privacy of customers and employees. Offsite record storage preserves and safeguards your documents.

When you move valuable paperwork and data to a secure offsite location, you protect your business, plus save space, time, and money.

Create More Office Space

Your business is growing, and so is that disorganized file room. You have more clients, more employees, and more sensitive records to manage and maintain.

Instead of clogging valuable square footage with records you’re required to keep, but seldom use, you could store them offsite.

Professional record storage facilities safeguard any type of media, document or file. It’s a smart solution for

  • Legal offices
  • Medical facilities
  • Financial institutions
  • Brokers
  • Any confidential records

Regulations determine how long businesses, hospitals, doctors, lawyers, and banks, must keep records. Once the required time passes, you can declutter by securely destroying outdated records.

Choose an offsite records company that’s AAA certified in records destruction, including hard drive destruction. Then you can permanently eliminate any sensitive personal or business information stored in files or on hard drives at the end of its life cycle.

Save Employee Time

Once you remove extra documents from your file room, you’ll have easy access to files you need daily. Your employees will save time because record retrieval and reference will be more efficient.

If you choose to store records offsite, they’re readily available, too. You can arrange secure pickup or delivery of your documents whenever you need them.

Another way you save time is by knowing where your files are at all times. Every storage box uses our barcode tracking and index system for fast retrieval.

You can save time with a one-time purge to reorganize your space, or with regularly scheduled services (onsite or offsite). Both options save you hours and lots of effort.

Reduce Risks to Save Money

Climate-controlled secure storage facilities keep your records safe from damage and theft. Lost records are expensive to restore or replace.

Additionally, certified record storage companies can advise you on the legal regulations for record keeping, which can save you money on compliance issues.

Secure document transport, shredding, and storage means you don’t have to worry about security breaches or the cost of resolving them.

An offsite record storage facility saves you money because it protects your data, frees up valuable office space, and reduces the time your employees spend on record retrieval and review.

Whether you do an annual purge, a special project, or routine document management, contact Federal Records Management to save you space, time and money.

Making More Space In The Office? 5 Tips On Document Shredding & What To Shred

document shredding

Are you at the point where you need a gymnastics coach to make it from one end of your office to the other? Maybe you just don’t know when you should be shredding all of those documents that have been sitting around forever?

Unfortunately, this situation has landed you in a pickle. You’ve got limited office space and a growing pile of old, dust gathering paperwork.

When it comes to document shredding, how do you decide what to keep and what to get rid of?

5 Tips on Document Shredding

Federal and State laws dictate how long you must keep certain documents. To better protect yourself and stay compliant with the law, stick to these guidelines of practicing the right way to managing your records.

1. Employee

If you didn’t hire the someone, keeping their pre-employment information on file for one year is standard practice.

Having a personnel file for standard employee information is a good idea and this file should be kept separate from any legal or HR related files on said worker.

Once an employee has quit or been terminated, keep the files for at least three years. This length of time can vary according to state law, so make sure you check with the proper agency.

2. Benefits

All benefit plan records must be kept and maintained for at least six years. This number varies according to law. Keep general benefits information separate from any claims or medical record you may need to keep on file.

3. Banking

It’s a good plan to keep this information indefinitely. Contract, tax, and profit/loss information can be great reference tools for the future. Anything that a shareholder, accountant, or IRS auditor may need to look at it should have a permanent, secure home in your facility.

In some cases, you are required to keep anything that is confidential or sensitive.

Bank account and credit card statements should be kept for 7 years.

4. Junk

Any junk mail can usually be shredded immediately including notes made on post-its and scrap pieces of paper. Throwing them away dramatically increases the potential for a breach. Especially if we’re talking about passwords or safe combinations.

5. Clerical

Anything like purchase orders and receiving sheets should be kept on file for a year. This may seem like way longer than necessary, but you never know when the day comes where you’ll have to back track through six month’s worth of purchasing orders to find a $5,000 mistake.

The Takeaway

You owe it to your clients and employees to keep their information safe and secure. Failure to do so has some steep, legal consequences. To keep your business up and running and maintaining a secure environment for your sensitive documents, know when to shred and when to keep forever.

Check with state offices to see how your individual state handles document shredding, as it often differs from federal guidelines.