Storage & Shredding: Expert Advice

How well do YOU know the data protection laws affecting you?

Posted by Sean Kelly on Fri, Oct 07, 2011 @ 03:26 AM

Virtually every business and every consumer is somehow affected by the following federal and Massachusetts state laws. See how much you know. Good luck!

 

1. What type of information does the FACTA (Fair and Accurate Credit Transaction Act) pertain to?

a. Medical records
b. Legal records
c. Any and all business related records
d. Any and all consumer information

2. What are considered reasonable measures for the proper and safe disposal of information according to FACTA?

a. Putting the information in black/non-see-through bags for disposal in a dumpster
b. Placing the information in sealed boxes for disposal
c. Tearing up the information before disposal
d. None of the above

3. Which of the following destruction methods would put you in compliance with FACTA?

a. Using a NAID certified document destruction vendor
b. Having your documents shredded or pulverized
c. Both A and B
d. None of the above

4. What industry does the Sarbanes-Oxley Act of 2002 impact the most?

a. Medical
b. Legal
c. Real Estate
d. Accounting

5. What are the penalties of non-compliance with the Sarbanes-Oxley Act of 2002 even if the non-compliance was a mistake?

a. A fine of up to $1 million and 10 years in prison
b. A fine of up to $100,000 and up to 1 year in prison
c. A fine of $10,000
d. A prison sentence of 5 years

6. What type of medical information does HIPAA require health care providers to safeguard?

a. Any medical information on any patient
b. Medical information that identifies who the patient is
c. Only medical information regarding illnesses and disease
d. Only medical billing information for the patient

7. What is the maximum penalty per HIPAA violation occurring after 2/18/2009?

a. Up to $100 per violation
b. Anywhere between $100 and $50,000+ per violation
c. $500 per violation
d. $100-$1,000 per violation

8. What does the Massachusetts data protection law 93H require businesses to safeguard?

a. Social Security Numbers
b. Driver's License
c. Financial Account Numbers
d. All of the above

9. What does the Massachusetts data protection law 93I require businesses to do?

a. Properly document what information is destroyed and when
b. Have a written policy regarding how any sensitive information should be disposed of
c. Properly store information in a safe and secure manner
d. Witness any document shredding being performed

10. What is the maximum fine per incident of record compromised under the Massachusetts 93H and 93I laws?

a. $100 per record compromised
b. $500 per record compromised
c. $1000 per record compromised
d. $5000 per record compromised

           

Any area you need to brush up on? Visit the following links to get all the information you need on the state and federal compliance laws that affect you:

http://www.sarbanes-oxley-101.com/sarbanes-oxley-faq.htm

http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html

https://www.privacyrights.org/fs/fs6a-facta.htm

Answer Key:

1) d, 2) d, 3) c, 4) d, 5) a, 6) b, 7) b, 8) d, 9) c, 10) d

Tags: Massachusetts State Laws, non-compliance, compliance, fines, test

Medical Records Destruction - HIPAA Fines Increased by 6,000%

Posted by Sean Kelly on Tue, May 10, 2011 @ 07:48 AM

The maximum fines for HIPAA violations have increased from $25,000 to $1,500,000. That's a 6,000% increase! Violations could include acts such as not properly destroying patient information before it is discarded. Also, if a practitioner has knowledge that their patients' information has not been properly discarded, they are legally required to notify both the authorities and their patients that the information is at risk.

The States' Attorneys General are now the ones in charge of ensuring HIPAA compliance. This change is meant to increase the policing of health care providers. AGs have already shown that they are ready to enforce the HIPAA laws, and they are currently being trained by the Office of Civil Rights on how to effectively enforce HIPAA.

With fines reaching over one million dollars, you can never be "wrong" in doing what is right: performing safe and secure document destruction with Safeguard Records Management!

Tags: records, HIPAA, destruction, compliance, safeguard, fines, documents, healthcare