Being just over two years away from celebrating 20 years in the document shredding and storage business, as a small business whose job is nothing but small, we felt like it was about time we started the celebration. We might be a little early, but hey, we're excited. We're excited because we've successfully been able to capture the trust of thousands of customers over the years who are in need of secure shredding or records management and who put their faith in us to keep their personal information safe. The reason for our success, we believe, along with many other things, is because we do things the right way. What is the right way, you ask? Well, there's only one when it comes to this business and we're doing it. There are a lot of ways to be doing it the "wrong" way and thankfully, we know that that's just not how to do business.
Although is may be a simple question, we get it a lot; "What do you do with my documents once you take them?" Since we are asked this so frequently, we figured that this would be the perfect opportunity to lay it all out and give you the inside look at how things are done (the right way!).
You can get all the facts in two minutes by watching our video, and then the nitty gritty (but really important stuff!) layed out below
Certified & Secure
Document Storage &
| 1. Your boxes of documents are picked up by our insured and bonded staff (loaded into our securely locked box truck designated spiecifically for destruction pick-up only). 2. The number of boxes picked up are signed off by you as well as the retrieval driver. This is to ensure that you will be billed for only the number of boxes you and the retrieval team member agree upon. We do this since there are so many different sizedboxes to hold your documents these days,some larger than others, and may need tobe counted as two. 3. Once the box number is agreed upon, yourboxes are transported in our locked destructionretrieval truck to our secure facility where thetruck has loading dock access and unloadsyour documents directly onto the shredder. That means that your documents are destroyedthe same day that they are retrieved. 4. All of the shreds from our shredder are baled and brought to a paper recycling plant to be repurposed. 5. Once payment has been recieved, you will besent a Certificate of Destruction for proof that youtook the secure measures required by law to safeguard sensitive information.
|1. From the start, document storageand management takes a bit more time andplanning than document shredding. When you'reready to put your documents in a secure, climate controlled environment, we'llwalk you through each step and even cometo your office or place of business to assess your current situation and helpto tailor a storage plan to fit your needs. 2. Once you're plan is made and you're readyto finally free up all that space your boxesare taking up (and if you don't have boxes,we can supply you with some, free of charge), we'll schedule a time for your storage retrievaltruck to come and retrieve your boxes for storage. 3. When the storage retrieval team arrives, they will perform a box level inventory and barcode each of your boxes. The inventory is made in anexcel spreadsheet and matches the descriptionof the box with the barcode number. The barcodesare scanned as each box is put on the truck to beginthe chain of custody. From here on, eveytime a boxis moved, it's barcode is scanned. These barcodes are also used to track the locationof your boxes in storage in case you need to retrieve either a box or a file from a box, all youneed to do is look at the inventory, see which filesare in which box, and send us the barcode numberfor the box that the files are in. 4. At the time the boxes are barcoded, you willreceive additional barcodes to put on any boxes thatyou comecome across in the future that will need tobe put into storage. You can either add this box to your inventory spreadsheet or we can do it for you! 5. For your convenience, we have RSWeb, an webapplication that you can log into and request that filesbe delivered to you, request to come and access fileshere, or request that certain boxes be destroyed oncetheir retention time is up.
Have you made sure your data is safe? If not, there is a chance it will cost you financially. It could ruin your reputation as well.
In a recent news story, MetLife, headquartered in New York City, whose revenues topped $50 million in 2008, felt the effect of laws involving data storage security. Because they failed to use records management as risk management, they were fined $70,000. Apparently, when they moved from one location to the next, they discarded a lot of trash in the dumpsters outside the office. In it were sensitive records containing social security numbers, addresses and financial account information of people who were current and former clients of MetLife. The hard copy files remained in dumpsters outside the building for well over three days. During this time, anyone could have acquired the information and used it for identity theft.
In North Carolina, a news article from 2010 about Prompt Med spoke of a $50,000 fine, from the urgent care unit having thrown into a dumpster sensitive information including financial accounts and identification numbers of over 700 patients. Records management as risk management would have clearly helped here.
The Carolina Center for Development and Rehabilitation was highlighted in this article for having illegally disposed of the financial information of nearly two thousand patients in 2011. The fine for this was $40,000. The senior officers had plenty of warning about records management as risk management from the above previous incidents, but did not learn from it.
More and more information these days must be secured and companies are having to treat records management as risk management. With the advent of identity theft, any written, electronic, or printed records must be protected if they include personal information about a client. And if the records are to be discarded for any reason, they must be destroyed in a proper fashion, so that the information contained within is kept safe. From this was born the idea of records management as risk management.
Risk management rpocedures are extremely important to implement to prevent Identity theft. Identity theft is any person's personal information being used by another to illegally remove money from bank accounts, acquire loans and passports and commit other crimes. Identity theft is now also known as identity fraud.
There are state and federal laws in place across the country to ensure that the destruction of certain files is done so properly, in order to prevent Identity theft. If proper measures are not take, then the company responsible for not following the precautions can be given some fairly big fines.
In Massachusetts, the laws that aid in the prevention of identity theft are called the General Law 93H and 93I, and are applicable to all companies in the state of Massachusetts secure all data that include personal information, such as bank account numbers, credit and debit card numbers, and the like that have the ability to create identity theft opportunities.
In addition, each company must have safeguards, by the employment of valid identification systems, in order to keep non-authorized personnel from gaining access through computers, or in hard copy files. The company must also keep all locations safe from outside the company. On a regular basis, companies shall be audited to ensure they within compliance. According to the 93I, a company must document the policy of their destruction procedures.
The fines for non-compliance of 93H requires for the company to pay five thousand dollars for each record that was not kept safe. For 93I, the fine is one hundred dollars for each record, with a cap of fifty thousand dollars. These ordinances came into law in 2005.
In addition to state laws, The Federal FACTA Disposal Rule maintains any person or business using consumer reports must make sure all the information within those reports remain completely secure when discarded.
In summary,the risks that someone takes for improper document disposal are inexplicable. Primarily, risks cannot be taken anymore because it is the law to practice safe and secure document disposal, but secondly when there are a multitude of risk management strategies available through document shredding and management companies, how can someone not take advantage of a simple way to reduce risk?
Need to start managing your risk? Or change your strategy? We can help... click on any of the buttons below to be on your way to a risk management solution!
As 2011 comes to a close, businesses and offices are wrapping up their yearly doings, taking time to enjoy the holidays with colleagues, and getting ready for the start of the new year. Safeguard is too! Safeguard Records Management has decided to bring TWO exciting new offerings to the table in order better serve our destruction and archive customers.
Our first new offering will allow prospective and current ongoing destruction customers to have choices when it comes to their ongoing destruction bin. We are offering a new, duraflex destruction console in addition to the two convenient sized 35- and 65- gallon bins.This Console has many benefits over our shredding bins for offices looking for a more aesthetically pleasing ongoing destruction solution.
The sleek, clean console with a slit top and locking door allows for the security of a locking bin with the added benefit of looking more like it "belongs". Also, the console stays in place with only the interior insert being emptied rather getting a different bin during every rotation.
If your interested in receiving a shredding console, or switching our your bin for a console, contact Sean Kelly via contact form, phone, or e-mail.
Watch this video in order to get a general idea of what the Compliance Training can do for your office
Our second, most exciting offering that Safeguard has decided to take on and provide to our customers in the healthcare industry is the Doctor's Office Compliance Training Program. This exciting program has been developed by NAID, the National Association for Information Destruction and is applicable to healthcare and dental offices. And the best part... it's free! Yes, FREE! The way NAID gets this compliance training program out to healthcare offices is through certified NAID document destruction providers like Safeguard Records Management.
The program can easily be summarized with the 3 following steps:
Receive the video
Watch & Learn
That's it! Simple and quick and you're compliant, just like that! So what are the benefits of your office completing this compliance training you ask?
The best part about completing the HIPAA compliance training is, primarily, that you are at less risk of a breach of patient information (and yes, there is a but) BUT everyone knows that anything can happen these days and breaches can happen even in the most compliant and secure offices so here is where the training program really gives you a HUGE benefit... even if there is a breach of data or information, YOU ARE NOT HELD FULLY LIABLE BECAUSE YOU TOOK THE NECESSARY STEPS (i.e. the training) IN ORDER TO BE COMPLIANT!
Can it get any better than that? For minimal time and ZERO cost to you, your office can get trained on compliance with the HIPAA regulations for safeguarding healthcare information. With the maximum HIPAA fine going up 6,000% from $25,000 to $1,500,00 you have to ask yourself, can you really afford not to complete this zero cost training? (Click for more information on HIPAA)
2012 is gearing up to be a great year for Safeguard Records Management as we look to expand and improve our services in order to meet and exceed the growing needs of our customers. If you'd like to have Sean Kelly get in touch with you regarding anything you have read, please fill out a Contact Us form and he will respond to your inquiry within a couple of hours. In the mean time, be on the lookout for more information on our shredding consoles and the Doctor's Office Compliance Training Program so you can take advantage of it as soon as the new year rolls in!
Happy Holiday's and Happy New Year from everyone at Safeguard!
Simply put, yes, yes, and YES! Records management might seem more like something a larger company should be concerned about, but even small to mid-sized businesses need to take caution in making sure their records are safe and organized.
Records management for small businesses can range in price and available services, but, if you find a reputable records management company, they can likely give you a customized quote based on the needs and budget of a small business or office. Here are some things to consider first and why records management is so important for all businesses.
Physical or paperless?
Record keeping has seen many changes throughout the years and now businesses have the option of going paperless. The term “paperless” is misleading though, because paperless offices will likely still have important physical documents that need to be stored and retained for a certain period of time, some for the life of the business. For what is paperless (i.e.- hard drives, media tapes, etc.), a records management company can keep your digital information safe and secure.
While physical record keeping will likely always be necessary, record keeping without organization can lead to wasted time and money. This is where a reputable records management company can really do wonders for your small (or large!) business.
Organization and archiving
It might sound a little cheesy, but; an organized office is a happy office. There is less frustration and stress because everything is where it needs to be and can be found easily--a records management system does just that, even for a smaller business.
Businesses who cannot rely on dozens of employees to keep them organized need to rely on a system that can keep them constantly updated and archive their important records and information. Sometimes, smaller businesses have a bad habit of archiving and saving everything. While a good precaution, this can turn chaotic.
A records management company can help any business make sure all important documents are properly archived and organized and that unnecessary documents are shredded at the end of their retention time. And all this can be done on just about any budget.
Protection and prevention
An added benefit of having a records management company is that your documents likely be better protected from naturally occurring disasters, security compromises, and other bad scenarios. A records management company can help protect records from:
- Fire, flood, earthquake, or other natural disasters at your office location
- Physical Security breaches
- Security breaches from an online attack
Even small businesses are liable for the damage that can be done from disaster and security breaches. Every company, whether it is three employees or three thousand, needs to take steps to ensure all information secure and protected.
All in all, records management isn't just for the big guys in business. Smaller businesses can benefit from companies like Safeguard Records Management because of the specialization it affords to them.
Here's a recap:
- Implementing records management means small businesses will save money in the long run.
- Everything will be properly archived and easily accessible, saving time and money.
- Offsite services can protect and organize your records, letting you manage your business hassle-free.
- More work can be done in the time saved and there will be better efficiency in day-to-day tasks.
Don't fall behind simply because of improper record keeping. All types of businesses benefit from properly managed records and having it done properly by professionals, no matter how large or small.
Consider it a requirement for all businesses to run smoothly and provide the best service they can to their customers without worrying about their files being where it they need to be. That only reflects poorly on the business, and no business should look unprofessional because of something that can be simply (and cheaply) fixed.
Records management may be the most important business service that you've never heard of. In an era of increasing identify theft and more stringent regulations, however, it's time to get the facts on this important industry.
If your company handles or stores customer information like names, addresses, medical records, Social Security or bank account numbers, then finding a safe, secure way to both manage and dispose your office's paperwork isn't optional—it's mandated by law. Depending on your industry, your business may be subject to federal laws like HIPAA or the Gramm-Leach-Bliley Act, but state regulations often also apply. Some regs, like Massachusetts General Laws 93H and 93I, require companies to have written procedures that outline how paper and electronic files are secured on a day-to-day basis, as well as how they will be destroyed once they are no longer needed. When companies fail to meet these basic standards, they can be subject to prosecution and end up paying significant fines—sometimes per record.
Here's where a Records Management System (RMS) comes in. These services come in a variety of shapes and sizes, but their purpose is essentially the same: to help companies manage their paper and electronic records in such a way that sensitive information is secured and properly stored, and remains accessible if needed in the future. A typical Records Management vendor will offer some (if not all) of the following services:
- Site analysis and compliance documentation
- Secure, off-site record storage for paper files
- Online access to storage inventory
- Scheduled document destruction services, one-time or ongoing
- Document imaging for digital storage and retrieval
- Disaster recovery planning
Of course, not all Records Management vendors are created equal. There are any number of companies to choose from—not all of whom can handle the job successfully. Take the time to evaluate each vendor carefully, and consider the following:
The National Association for Information Destruction (NAID) offers training and certification for Records Management professionals. Records Management vendors with this credential have completed extensive training and have pledged to follow the standards and ethical practices of the NAID organization.
A reputable Records Management vendor should know immediately what procedures your business needs to follow to be in compliance with federal and state laws. Educate yourself ahead of time regarding your particular industry so that you know whether their recommendations are on-target.
Learn how the vendor you are considering secures its own facilities. Ask what safeguards are in place for physical files, as well as digitally stored information. Be sure that the company has a definite policy regarding employee background checks. Every employee, but especially those with direct contact with sensitive information, should be thoroughly checked before gaining access to your company's files.
The Records Management vendor you choose should provide evidence of their commitment to customer service. Consider how responsive and flexible the vendor has been during the sales process: Were they easy to reach? Able to offer scalable solutions to your particular company? Was their pricing competitive? Next, ask for references and determine whether or not existing customers are satisfied with their level of service. Finally, determine what procedures are in place to ensure that the vendor is accessible when needed. 24/7 online access to your records is an absolute requirement.
A reputable, service-oriented Records Management vendor will lower your company's risk exposure, reduce document storage costs and allow you to focus on growing your business. Take the time to evaluate your current and future records management needs—and then find the vendor who is right for the job.
We all know that being green is important, it can help the environment and that we should be doing it. The "tough" part is putting that theory into practice, especially in the office where you might want to implement green initiatives but since no one else has hopped on the green scheme, it's a seemingly impossible task. So how do you get everyone to realize that being green is not that difficult? That takes a little bit of exploring.
To start, we all know that a "paper-less" office is not in the near future, at all. Back in the 1980's there was talk about a paper-less office and look where we are three decades later, still using paper! That is where being green comes in. Instead of trying to use no paper at all, we have realized that it is OK to use paper and that all we have to do is keep in mind some simple tips for staying green and reducing our paper consumption, not nixing it. When you and others in the office do so, you will soon see how the amount of paper and other materials that you use drastically decreases. And these tips are so easy, just posting them around the office is bound to get people on board (even better, send an e-mail to reduce paper consumption!).
The key to being able to implement green initiatives in your office is to have a trusted and quality records management provider. A partner that realizes the same "be green" theme that your office does (or plans to) and recycles all of the material from your office after it is shredded as well as aids you in staying on track with your records retention schedule. Once you have partnered up with your RM, how green your office actually becomes starts with YOU.
So what can you do to make an impact and reduce your footprint?
1. Reduce the amount of paper you produce and thus reduce the amount that is shredded saving time, money, and energy. To do this, create a plan that determines what types of documents are to be printed and what documents should be kept as electronic files. Also, determine what types of documents can be scanned and sent to colleagues rather than making paper copies for them. Make sure everyone gets an e-mail about this!
2. Do double sided printing when printing is necessary. Use any misprints as scrap or notepaper.
3. Use stick labels in the top corners of faxes rather than creating a fax cover sheet from a whole piece of paper.
4. Over time, by reducing the amount of paper you produce, you in turn reduce the probability of duplicate record which will then reduce the total amount of records that you end up having to put in storage (or shred if you actually end up finding the duplicate record before it gets boxed up for storage).
This overall decrease in paper production will save your office money in paper costs which will carry over to a lesser production of paper which means less records management cost to you!
Remember, implementing one or two easy to follow simple steps for being green is more likely to get people to actually do them rather than a long and daunting hard to follow list that may actually turn people off to the idea.
Other tips for keeping green around the office:
Buy paper with the highest percentage post-consumer recycled content
Use unbleached and uncolored paper
Shut down all computers at night and put printers and faxes on sleep mode
Order office supplies in bulk to reduce the amount of packing material needed for your shipments
Carpool with others from the office if they live close to you
Bring in your own mug for coffee in the morning rather than using disposable cups (this carries on to your own silverware, dishes, etc.)
If applicable to the office, have one day that everyone works from home (either a Monday or a Friday) to reduce energy consumption at the office and safe fuel
For more tips on staying green in the office (including where to buy green office supplies) and how to reduce your overall carbon footprint everyday, please visit to following sites:
What are 93H & 93I?
Massachusetts General Law 93H
93H requires all businesses in Massachusetts to take serious measures to prevent identity theft. Any business holding the name of a Massachusetts resident and their Social Security Number, Driver’s License Number, or financial account number (including credit or debit card numbers) is subject to this new Massachusetts data protection law.
What are you required to do?
Among the compliance standards for this new data protection law include the following:
A written comprehensive information security program (CISP).
Controls on employees’ access of sensitive information, including physical security safeguards, computer user access levels and user authentication protocols.
Security measures on computer information systems, including data encryption, anti-virus and anti-spyware software, and firewalls.
Periodic review of audit trails and monitoring of systems for unauthorized access.
Proper disposal of sensitive information, as outlined in new Massachusetts data protection laws.
Massachusetts General Law 93I.
93I requires the shredding or destruction of any paper files containing sensitive information and the erasure or destruction of any electronic files or data storage devices containing personal information of employees or customers.
93I also requires a written policy regarding the disposal of sensitive information.
What are the penalties?
A violation of 93H levies fines of up to $5000 per record compromised.
A violation of 93I levies fines of up to $100 per record compromised with a maximum of $50,000.
This does not take into consideration the loss of your company’s hard-earned reputation and the potential loss of credit.
Safeguard can help guide you through compliance. Call Sean at 508.795.1015 for a Free Assessment, email Sean at firstname.lastname@example.org or log onto www.safeguardrecords.com for industry specific information.