Records Destruction Compliance: Pretty Good Isn’t Enough
Every organization, whether for-profit, non-profit or governmental, possesses sensitive information of some type. It may be customer, employee, patient or other stakeholder-specific and could contain financial or other confidential information that must be legally or otherwise safeguarded. Often these records have a formal retention schedule dictated by the age or validity of the information itself. When it’s time to destroy such records, a “pretty good” shred program isn’t enough to meet or exceed regulatory mandates for confidential destruction.
FACTA, HIPAA & Identity Theft
Information privacy regulations impact many industries. Health Insurance Portability and Accountability Act (HIPAA) is limited to healthcare but Fair and Accurate Credit Transactions Act (FACTA) mandates apply to any organization that collects personally identifiable information about consumers.
At the heart of the concern surrounding safe destruction of paper records is identity theft. An estimated 40% of the 9-10 million individuals who fall victim annually to identity theft have their information compromised through the theft of physical paperwork. In severe cases, it can take nearly 6000 hours to correct the resulting damage. FACTA legislation has ratcheted up the pressure on all types of organizations to perform adequate due diligence in establishing and maintaining a document destruction program.
Significant Legislative Rulemaking
There have been numerous regulatory responses to concerns about information security, identity theft, corporate governance transparency and many more areas related to information management. Several of the most frequently cited are:
|FACTA||Land Ban Act of 1994|
|Federal Rules of Civil Procedure||RCRA|
|Gramm-Leach-Bliley Act||Safe Harbor Act|
|IRS Revenue Procedure 98-25||SEC Regulation S-P|
Take Decision Making Out Of Compliance
A company-wide “All Shred” program takes employee decisions regarding the sensitivity of a document out of the equation. All office paper is treated as if it contains protected information and gets put into a secure bin to be shredded and recycled. Having a single process for the disposal of all paper encourages employees to develop compliant habits.
Long Term Compliance by Design
Business Records Management knows what it takes for your organization to meet these rules. Your information will be destroyed in accordance with relevant statutes by our well-qualified team of service experts. Our experienced professionals partner with your staff to design a comprehensive, enterprise-wide shred program that meets your requirements.
We collect and transport your documents to our secure facilities on a schedule frequency that suits your organization’s needs.
We securely track all materials identified for destruction to ensure chain of custody.
Documents are shredded and recycled for security and environmental responsibility.
A certificate of destruction establishes a reliable audit trail.
If your document destruction needs are mandated by regulatory requirements (e.g. HIPAA, FACTA, GRAMM-LEACH-BLILEY), Business Records Management is not just a vendor—we’re your partner. We take the time to understand your workflow because being a partner with our clients is part of the value we deliver.