Professional document destruction is a big step in ensuring your private information remains secure and unrecoverable. With that said it’s crucial that you partner with a document shredding provider who is qualified and offers service that directly complies with all privacy regulations. Almost all companies produce and circulate sensitive information, and improper disposal can not only compromise information, it can devalue your business, leak future business plans and customer details, ruin the trust of your customers and lastly, rack up an alarming amount of fines that can be difficult to recover from.
At AMS Store and Shred, we provide facility-based shredding services to several service areas in Illinois. We are NAID AAA Certified and commit to following the highest of industry standards at all times. Each of our document management processes is a reflection of the pertinent policies outlined under local and federal laws pertaining to customer privacy.
Our services comply with the following mandatory laws and regulations:
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 mandates that healthcare facilities across the US act responsible in the secure electronic transmission of patient data, and the secure storage and disposal of that data.
The Fair and Accurate Credit Transaction Act (FACTA) of 2003 added new details to the federal Fair Credit Reporting Act, designed primarily to assist consumers combat the growing crime of identity theft. Accuracy, privacy, restrictions on information sharing, and new consumer rights to disclosure are included in FACTA.
The Gramm-Leach-Bliley Act (GLBA) Established in 1999, this law requires financial institutions throughout the U.S to safeguard the confidentiality and security of consumer data.
HITECH Business Associates Agreement This agreement ensures medical offices, doctor’s offices and hospitals are required to have an agreement with their document shredding company, in regards to the disposal of PHI (Protected Health Information). The other key piece of the Business Associates Agreement is the agreement that organizations will take the necessary steps to implement suitable administrative, physical and technical safety processes.
The Economic Espionage Act (EEA) Established in 1996, this states that the theft of “all types of financial, business, scientific, technical, economic, or engineering information” from a business is deemed a crime. While compliance is not obligatory, should an occurrence take place, your business will be held liable if it cannot prove you took preventative measures in protecting sensitive information.
The Sarbanes-Oxley Act (SOX) Enforced in 2002, this act (Also known as SOX) states that paper and electronic files must be stored for five years. It also requires that public organizations disclose and evaluate their internal procedures. As a result, this implies that an internal document retention and document destruction policy is vital to compliance.
Failing to comply with federal laws and regulations in relation to document destruction could lead to an array of legal consequences for your business and potentially, clients. Exposing confidential information puts an individual or company at significant risk of identity theft and fraud. Everything from names, addresses, phone numbers, to credit card numbers, social security numbers, and sensitive passwords need to remain 100% protected while stored and following disposal. It’s important to understand that if these records are ever leaked mistakenly and used for fraudulent purposes, you may be found liable and your reputation is bound to suffer.
If your reputation is compromised as a result, new potential customers will be leery of doing business with your organization. There are far too many financial hardships that can occur when you improperly dispose of sensitive information; the risks are simply not worth it. Turning to a reputable shredding service ensures you are safe from data breach and information theft.