5 Ways to Minimize Information Disposal MistakesPosted on February, 7 2019
As a business manager or owner, it is your responsibility to properly store and safely dispose of any records containing personally identifiable information. Personally identifiable information is a specific category of information that is associated with an individual person (employee, donor, patient, customer, student, etc) and can include items like:
- Social Security Number
- Passport or Visa Permit Numbers
- Driver’s License Number
- Banking information
- Credit or debit card numbers
- Biographic or Demographic Data about employees
- Home address
- Human Resources Records
- Payroll and Benefits information
- Healthcare Benefits and Insurance Information
- And more.
However, despite all the headlines about identity theft and information security breaches, there are still many reports of instances where businesses either accidentally or intentionally disposed of records by tossing them into recycling bins and dumpsters behind their offices.
In many of these scenarios, employee error or a miscommunication of regulations and processes was to blame for the improper disposal of information.
So, as a business owner, what can you do to help proactively combat these types of errors? Communication and Education are key!
5 Ways to Minimize Information Security Mistakes:
Here are 4 things you can focus on to help keep your employees educated and alert to the legal requirements of information security laws.
Stay Up-to-Date on Industry Regulations:
Education starts at the top, you can’t stay on top of educating and training your employees if you are not up-to-date yourself. Be sure to stay tuned into trade publications changes to local, state, or federal laws that affect information security.
Prioritize Training and Education:
Take time regularly to educate your employees, not only on laws that affect information security policies, but your company’s specific processes for protecting the information that you manage. A few times a year we recommend reviewing things like:
- Updates to laws affecting your industry
- What data is considered personally identifiable information
- Requirements for Storage of records containing personally identifiable information
- Requirements for disposal of records containing personally identifiable information
- What to do if you accidently dispose of these records improperly
- How to report a suspected breach
- What to do in the event of a breach
Regularly Review your Policies:
As was the case in the second article we shared, a standard operating procedure that was in place was not updated to reflect new privacy law requirements. As a result, employees believed they were in compliance and continued throwing out records without shredding them. Because no one was regularly checking operational procedures to make sure the most up-to-date versions were being used, the error went undetected internally, until the records were discovered by an outside party.
Take time to regularly review your company’s policies and make sure that all employees are aware of and know how to find the most updated version of your policies and procedures. As a management team you should consider annual reviews of your policies to ensure they are always current.
Better Safe than Sorry:
Encourage your employees to take a “better safe than sorry” approach to document security. If you aren’t sure whether something is required to be shredded, shred it anyways! It’s always better to be overly cautious than to put information at risk.
Make Secure Disposal EASY!
At Augusta Data Storage, we partner with businesses across the Aiken-Augusta area to create simple and compliant secure destruction solutions. We work with you to schedule regular weekly, monthly or quarterly shredding, based on your needs.
We also provide you with a locked and clearly marked collection bin so your employees know exactly where to dispose of confidential records! Our services are NAID-AAA certified, which means you can rest assured that we’re working to ensure our processes meet federal requirements for secure shredding.
If you’re interested in learning more about how our processes can help protect you and your business, contact us today!