call us at 1.866.467.4733 or visit our website at microshred.com
RSS icon Home icon
  • Secure On-Site Document Destruction

    Posted on August 6th, 2013 admin No comments

    MicroShred’s mobile destruction services bring confidential and secure shredding to you.

    Our completely self-contained mobile shredding trucks will shred your documents at your home or place of business. Our trained security personnel shred your material without interfering with your daily operations. You may, of course, witness the shredding process at any time. The materials are destroyed beyond recognition, reconstruction and readability.

    Upon completion, you are issued a Certificate of Destruction certifying the time and date your materials were destroyed. The obliterated material is then transported to our secured recycling facility. We offer a complete line of on-site shredding services with flexible scheduling options to meet your needs. All shredding is done by our mobile shredding trucks. No need to remove paper clips, staples, binder clips or other fasteners. We shred everything!

    CONTACT MICROSHRED TODAY

  • BIG DAY FOR HIPAA/HITECH PROVISIONS

    Posted on February 19th, 2010 admin No comments

    While many of the changes to HIPAA contained in the HITECH amendment, such as increased fines, Attorney’s General enforcement, and Health Data Breach notification came into effect already, February 18th, the law’s one year anniversary, marks a number of significant HIPAA/HITECH milestones.

    Here is a sample of some that could affect the secure destruction service provider . . .

    1. Application of rules to, and accountability for, Business Associates.  (No longer are BAs solely tied to HIPAA by the BA contract with the Covered Entity, but now, in some respects, operate essentially with all the requirements applied to Covered Entities.)
    2. Requirement for HHS to begin conducting mandatory audits.
    3. Clarification regarding which entities are required to be business associates. (Both HHS and the FTC have already identified secure destruction services as BAs in earlier guidance publications.  It would difficult to see this changing)
    4. HHS and FTC study on privacy and security requirements for PHR vendors and applications (PHR vendors are a new type of Covered Entity under FTC jurisdiction who maintain or process health-related data as a result of offering Internet based services.)
    5. First annual guidance on the most effective and appropriate technical safeguards for health information. (This could go either way.  When HHS issued guidance on security measures to avoid data breach, they inadvertently caused many Covered Entities to apply the wrong particle size specification.  If guidance is promulgated in this new document with a similar type of reference, it will  make life a bit more complicated for secure destruction services)
    6. HHS to implement a health information privacy educational initiative
    7. Clarification regarding the ability to impose criminal penalties against individuals
  • The seamless integration between KOM Networks and CommVault offers a way to reduce costs, drive greater operational efficiency and simplify the way organizations manage, retain and protect their information.

    Posted on February 10th, 2010 admin No comments

    KOM Networks, based in Ottawa, Canada, a provider of storage management solutions for secure archiving, has certified its KOMpliance with Simpana 8 software from Oceanport, N.J.-based CommVault to provide data storage, search and management solutions for small businesses to large enterprises. 

    In a press release, the companies note that “the seamless integration between KOM Networks and CommVault offers a way to reduce costs, drive greater operational efficiency and simplify the way organizations manage, retain and protect their information.”   

    According to the companies, their technology relationship “will provide the availability of an integrated offering that addresses a wide range of compliance requirements at a very affordable price without sacrificing reliability or performance.”.

    KOMpliance is a turnkey archive storage solution that uses standard file sharing protocols to deliver a secure universal file archive repository, according the KOM Networks. KOMpliance is available with its own storage capacity or as a SAN (storage area network) gateway to create secure archives using fiber channel and iSCSI storage resources. No agents or client licenses are required. 

     “Both CommVault and KOM have similar ideals in providing a very simple way to reduce costs, risk and manage growth while upgrading their technical infrastructure,” says Kamel Shaath, chief technology officer of KOM Networks. “Our integrated offerings will provide the best of all worlds, including Simpana software’s data deduplication, which complements the KOMpliance solution, eliminating redundant data to save on storage costs.”

    CommVault Simpana software uses a single-platform architecture that is designed to enable companies to reclaim space on primary storage, reduce off-site storage by up to 90 percent and eliminate up to half their tape drives, according to the company. The enterprise data management software features data deduplication, laptop and desktop protection, remote office data management and advanced copy management features.

  • Paper Mill Signs Deal to Build Large “Green Diesel” Plant

    Posted on February 9th, 2010 admin No comments

    Flambeau River Biofuels, Park Falls, Wis., has signed a letter of intent to engineer, procure and build what it is calling the largest second generation “green diesel” plant in the United States. It will be built at the Flambeau paper mill in Park Falls, Wis. The project, slated to cost around $250 million, is being funded in part with a U.S. Department of Energy grant. It is expected to be operational by 2013.

    The plant will use a patented process technology from ThermoChem Recovery International, Baltimore, to convert roughly 1,000 tons of woody biomass from bark, sawdust, wood and forest residue per day. The process will convert the material into electrical power, steam, and heat at the paper mill.

  • PSI 2010 Meetings Tied to Four Events

    Posted on February 8th, 2010 admin No comments

    The Paper Stock Industries (PSI) chapter of the Institute of Scrap Recycling Industries Inc. (ISRI) has announced its 2010 meeting.

    Each of the chapter’s membership and board meetings will be tied to larger recycling industry events in 2010. “The chapter is exploring new tie-in opportunities and taking advantage of industry event changes that will give our group some new exposure,” the PSI Board of Directors says in a news release accompanying the schedule announcement.

    The PSI members and board will meet in 2010 at these four events:

    The Southeast Recycling Conference & Trade Show, Destin, Fla., March 7-10. On March 8, a PSI cocktail reception will take place at the Hilton Sandestin Beach Golf Resort & Spa, where the event is being held. The announcement from PSI notes, “This new PSI event is in lieu of past receptions at Paper Week in New York City; because of a schedule change by AF&PA (the American Forest & Paper Association), the Paper Mills’ Recycling Division of AF&PA will not be meeting at Paper Week this year.”

    ISRI Annual Convention & Exposition, San Diego, May 4-8. “Paper and recovered fiber recycling is the newest segment to be fully incorporated into convention programming as ISRI’s Paper Stock Industries (PSI) Chapter moves to participate more fully in the convention,” says PSI. “The PSI Chapter will hold its semi-annual chapter meeting during the annual ISRI Convention as well.”

    Paper Recycling Conference & Trade Show, Chicago, June 13-15. A PSI cocktail reception and meetings will take place in coordination with the Recycling Today Paper Recycling Conference, held at the Marriott Downtown Chicago Magnificent Mile.

    49th Annual PSI Fall Conference, Palm Beach, Fla., Nov. 9-12. The 49th annual version of the PSI Fall Conference is to be held at the Four Seasons Resort in Palm Beach.

    More information on the PSI’s involvement in these events can be obtained by e-mailing
    [email protected].

  • The Open Security Foundation’s Data Breach Reports – Good News and Bad News

    Posted on February 7th, 2010 admin No comments

    While the incidence of data breaches in 2009 declined to 436 from the 717 incidents reported in 2008, the number of records affected increased from 86.3 million in 2008 to nearly 218.8 million records in 2009.

    According to a report from the Open Security Foundation, Glen Allen, Va., the business sector had the most breaches in 2009, numbering 205. Government was a distant second with 92 breaches, followed by education with 81 breaches and medical with 65 breaches.

    Of these incidents, 358 involved names and addresses, while 278 involved Social Security numbers and 101 involved date of birth, according to the Open Security Foundation. Seventy-three breach incidents involved credit card information, and 71 incidents involved medical information. Financial information was released in 61 incidents, while account information was involved in 56 incidents.                                                     

    In 2008, the business sector had the largest incidence of breaches with 385, followed by the education sector with 145, government with 101 and medical with 98 incidents, according to the Open Security Foundation.

    The bulk of the incidents, 588, involved name and address information in 2008, while 516 incidents involved Social Security information, according to the Open Security Foundation. Financial and account information were involved in 88 and 74 incidents, respectively.

    Additional information on The Open Security Foundation’s data breach reports can be found at:
    http://datalossdb.org/reports.

  • SMALL PHARMACY FINED FOR CASUAL DISPOSAL

    Posted on July 7th, 2009 admin No comments

    Pharmacy pays fine for jeopardizing patient information

    While it does not involve the sensational million dollar amount of other recent data disposal fines, a fine levied in Indiana sends the message that even small local pharmacies are subject to the continually escalating intensity of enforcement

    Bob Segall of WTHR in Indianapolis, Indiana reported that a small local pharmacy reached a settlement with the state’s Pharmacy Board.  According to the report, which was posted to the TV Station’s website on June 8th, Low Cost Pharmacy will receive a letter of reprimand from the Pharmacy Board and will pay a $250 fine to settle state charges that it improperly disposed of private patient information.

    Full Article

  • AUDITOR SUED OVER DATA BREACH INCIDENT

    Posted on July 3rd, 2009 admin No comments

    credit_cardAccording to an article by Kim Zetter, appearing on the website of Wired News on June 2nd, for the first time a financial institution is suing an auditor for verifying that a third party card processor was secure prior to a data breach caused by the same service provider. The third party processor’s data breach released over a quarter of a million credit card numbers and put almost 40 million other credit card numbers at risk.  As a result of the breach by the third party service provider, the financial institution that brought the suit must notify its customers of the incident.

    The article further describes the ramifications of an anticipated trend of suits where third parties fail to provide the security they claim to provide as well as the risk of such suits against organizations that verify their security.

    Full Article

  • Data Destruction Companies Watch Demand Grow As State Regulations Get Tougher

    Posted on April 14th, 2009 admin No comments

    Boom Time for Shredders

    Identity theft hurts consumers, and it can cost companies that have put private data at risk thousands of dollars in fines.

    But the problem has sprouted a growing industry — information destruction — that continues to move forward even though the economy has turned sour.

    In central Ohio, roughly a dozen companies are certified in the industry, which includes shredding tons of paper and electronic devices, and wiping information from computers and other electronic equipment.

    Established companies in the information destruction industry are growing an average of 10 percent to 25 percent each year, said Tim Oberst, president and chief executive of Ohio Mobile Shredding and president-elect of the National Association of Information Destruction.

    The organization went from 180 members in 2002 to 1,150 this year, but it doesn’t track sales figures.

    “As people become more aware of the need for information destruction, and as the regulations get tougher, they’re paying a lot more attention to it,” said Robert Johnson, executive director of the association. “Demand for information destruction services will continue to grow.”

    Reasons for that demand include more technology turnover and an increase in the enforcement of regulations to properly destroy documents, Johnson said.

    “In the last year and half, there has probably been $3 (million) to $4 million worth of fines,” Johnson said.

    In Ohio, there have been two recent cases where companies have been accused of improperly discarding information.

    Last December, the Department of Commerce filed a complaint against a mortgage company accusing the owner of abandoning hundreds of customer records when he went out of business.

    Another notice was filed in October against a Cuyahoga County mortgage company for a similar incident.

    Department of Commerce spokesman Dennis Ginty said that because of the distress in the housing market, mortgage brokers are going out of business and some simply abandon their records after they close their offices.

    “We are very concerned about possible identity theft and want to make sure that all customer personal information is protected,” Ginty said.

    Oberst, of Ohio Mobile Shredding, said his company was the first of its kind in Columbus in 1987, and he has watched the business boom since then.

    “The industry started to grow to the point where it became an ‘industry,’ ” Oberst said.

    It was tough to sell shredding services when he started out because businesses weren’t particularly concerned, Oberst said.

    “Most businesses would say, ‘What do you have to shred? We don’t have anything confidential,’ ” Oberst said. “Their attitude was out, ‘of sight, out of mind.’ ”

    That’s changed.

    “It’s like an everyday thing that has to be taken care of,” Oberst said.

    CareWorks, a managed-care organization for workers’ compensation, is one of Ohio Mobile Shredding’s customers. It ships 16 to 18 96-gallon barrels of paper to the company every two weeks, said Dave Gran, the facility manager.

    “That personal, confidential documentation has to be destroyed in a certain manner,” he said.

    Mobile Shredding does both paper-shredding and product-destruction — which can include anything from ID badges to hard drives.

    “From my perspective, if a company really wants to be sure the information isn’t left on the hard drive, we recommend physical destruction,” Oberst said. “The little money you get from reselling a hard drive is not worth the risk.”

    Hilliard-based Redemtech, a company that helps large corporations manage technology changes and upgrades, uses a hard-drive overwrite program to destroy the data on its clients’ computers.

    The overwrite program puts a data pattern over top of the original information, thereby obliterating it, said Redemtech president Bob Houghton.

    “If part of your objective is to preserve the financial value of the assets, if you can preserve the hard drive, it really helps,” Houghton said.

    Redemtech handles e-waste — used electronics ranging from computers to cash registers. It erases hundreds of thousands of hard drives a month, Houghton said.

    The company generally tries to refurbish and resell items for clients, so it puts an emphasis on inventory control to make sure no data is preserved.

    “Every single gram of material that moves through the plant is accounted for, particularly data-bearing devices,” Houghton said.

    With states adding regulations on top of existing federal laws, Houghton said many corporations are becoming more concerned about data destruction.

    “It’s good because it means increased consumer protection and less chance of identity theft,” Houghton said. “It’s really tough for a corporation to make sure they’re complying across all the jurisdictions they may be doing business in.”

    Redemtech’s customers include national banks, top insurance companies and health-care organizations, Houghton said.

    Clients now request extra rigor in overwriting data — for example, a company that in the past only wanted one overwrite pass now might ask for three, Houghton said.

    “This is simply to ensure there is even less chance that any data is going to be left in a readable state on the hard drive,” he said.

    Whether it’s through data overwrite programs or simply shredding documents, proper disposal of personal information is becoming more important as concern over identity theft rises.

    “The consumer has become more aware their information is in so many places and they have no idea how the company is protecting it,” Oberst said.

    (Source: dispatch.com)

  • WTHR Investigation Leads to Record $2.25M HIPAA Settlement

    Posted on March 6th, 2009 admin No comments

    cvs-settlement13 Investigates’ “Prescription Privacy” investigation has resulted in a $2.25 million settlement agreement between the U.S. Department of Health and Human Services (HHS) and the nation’s largest retail drugstore chain.CVS, which operates more than 6,000 pharmacies, has agreed to pay the record-setting settlement and implement a “robust corrective action plan” after WTHR found the company was tossing its customers’ private healthcare records into unsecured dumpsters in Indianapolis and other cities nationwide.

    “This is a very important settlement,” said Robinsue Frohboese, acting director of HHS’ Office for Civil Rights. “The millions of customers who go to CVS pharmacies will now have the confidence that their very personal healthcare information will, in fact, be protected.”

    During its investigation, HHS found that CVS failed to implement adequate policies and procedures to reasonably and appropriately safeguard protected health information during the disposal process; failed to adequately train employees on how to dispose of such information properly; and did not maintain and implement a sanctions policy for members of its workforce who failed to comply with its disposal policies and procedures.

    Frohboese said WTHR’s 2006 investigation “formed the basis of the [federal] investigation,” which was launched after Indianapolis-area CVS customers filed complaints with the Office of Civil Rights.

    Jackie Wright was one of those customers.

    Wright felt betrayed by her drugstore after learning her family’s healthcare records were among dozens of private healthcare documents WTHR found in a dumpster behind a northwest side CVS.

    “They are supposed to be shredding it, getting rid of it and destroying it – not throwing it in the dumpster where people can get your personal information,” she told WTHR in June 2006. Soon after, Wright filed a federal HIPAA complaint, alleging that CVS failed to protect her privacy.

    She heard nothing about her complaint — until today.

    “I thought everybody forgot about it and that nobody really cared,” she said. “But $2.25 million, that’s a lot of money… $2.25 million says they do think about what you say.”

    Unfortunately for Wright, complainants will not get any of the pay-out. HHS says all of the settlement money has been deposited into the US Treasury and will be used to investigate other cases involving companies accused of violating healthcare privacy regulations.

    As part of its 20-page settlement, CVS is required to fully implement an action plan designed to protect patient information from being discarded into unsecured dumpsters. The plan will be monitored for 20 years by the Federal Trade Commission, which assisted the Office For Civil Rights in the investigation, marking the first time the agencies have worked together to enforce violations of the nation’s healthcare privacy law.

    Much of CVS’s corrective action plan was developed in late 2006 after 13 Investigates expanded its investigation to show the company’s privacy violations extended far beyond Indianapolis.

    In summer and fall of 2006, WTHR visited cities across the nation and, despite assurances from CVS that it had taken corrective measures at its pharmacies, 13 Investigates found the company was still failing to protect customer privacy. WTHR found protected patient records in CVS dumpsters in Boston, Chicago, Cleveland, Detroit, Dallas, Louisville, Miami, New Haven (Conn.), Philadelphia, and Phoenix. 13 Investigates also found hundreds of private customer records tossed into CVS dumpsters in Woonsocket, R.I., which is home to CVS world headquarters. The investigation also revealed similar problems at Walgreens and RiteAid pharmacies, the country’s second and third largest drugstore chains.

    On Wednesday, CVS released a statement saying it agreed to the settlement “to avoid the time and expense of further legal proceedings” and the “company denied engaging in any wrongful conduct.”

    But that contradicts earlier statements made by corporate officials.

    Two years ago, when 13 Investigates went to CVS headquarters to show what we found, CVS privacy officer Christine Egan admitted “We are not safeguarding customer privacy as we are required to do… It’s sad and intolerable.”

    Today’s agreement is only the second monetary settlement involving HIPAA violations since the Health Insurance Portability and Accountability Act took effect in 2003, and the $2.25 million figure shatters the previous settlement. In July 2008, HHS entered into its first HIPAA settlement agreement with Seattle-based Providence Health & Services. The company paid $100,000 stemming from lost and stolen computers containing health information.

    Federal regulators say they hope this latest settlement will help them promote the importance of protecting healthcare information, and HHS has posted a tip sheet for other businesses to learn from CVS’ mistakes.

    “The Office For Civil Rights is using this opportunity to get good information out to healthcare providers about appropriate ways to dispose of personal health information,” Frohboese said.

    HHS won’t comment on the possibility of a settlement agreement with Walgreens and other pharmacies involved in WTHR’s Prescription Privacy investigation, which also prompted formal complaints against CVS and Walgreens by the Indiana Attorney General. Those cases are still pending before the Indiana Board of Pharmacy.

    (Source : www.wthr.com)