Why Shred

When it comes to confidential and protected information, local, state, and federal law mandate how and when this information is destroyed. Some regulations date to early nineties while some are constantly updated because of advances in technology – advances in information interception as well. When handling confidential and protected information, it is best to make yourself aware of the effecting regulations. When you need the most trusted paper shredding New Jersey has to offer look no further than GreenOffice.

FEDERAL LAWS

Fair and Accurate Credit Transactions Act (FACTA) 2003 Effecting all businesses and persons who collect personal information for business purposes. Requires the destruction of all such information in electronic and paper form.

Economic Espionage Act (EEA) 1996 Businesses or persons must protect all forms and types of financial, business, scientific, technical, economic, or engineering information in their possession in any format that is not known to the public.

Gramm-Leach-Bliley Act (GLB Act) 1999 Requires the protection and proper destruction of all consumer information held by financial institutions.

Health Insurance Portability and Accountability Act (HIPPA) 1996 Requires health care organizations to have appropriate measures in place to protect patient medical records, patient logs, insurance, billing, and other personal patient information.

USA Patriot Act 2001 Requires all businesses and persons to protect all information in order to deter and obstruct any act of terrorists.

TOP 6 HIPAA VIOLATIONS

$4.8 millionNew York Presbyterian Hospital and Columba University

In May of 2014, a Columbia University physician deactivated their personal computer from the hospital-wide server, making more than 6,800 patient ePHI’s available through Google for public viewing.

$4.3 millionCignet Health Center

In October of 2010, the health center denied patient requests for medical records, as well as failing to produce the records and non-compliance with investigation requests.

$2.25 millionCVS Pharmacy

In January of 2009, several CVS pharmacies were found disposing protected health information in public dumpsters and were fined on grounds that the pharmacy did not have adequate safeguards to protect and dispose of protected patient information.

$1.73 millionConcentra Health Services

In April of 2014, an encrypted laptop was stolen and through the investigation, it was found that the health system did not have adequate encryption policies, effecting more than 20 percent of Concentra laptops.

$1.7 million – WellPoint

In July of 2013, WellPoint failed to perform a technical evaluation after a software update and therefore, not realizing that more than 600,000 patient social security numbers were made available online.

$1.7 millionAlaska Department of Health and Human Services

In June of 2012, an encrypted USB hard drive containing patient information was stolen from an employee’s car and DHSS was fined because of their failure to have security training for its employees.