Woman gets prison over Irving teachers ID theft

DALLAS — A Bedford woman apologized as she was sentenced to 34 years in prison in an identity theft scam targeting educators in Irving.

Sharon Denise Seeley pleaded guilty and was sentenced to 30 years for fraudulent use or possession of identifying information. She was sentenced to two years on each of two counts of credit card abuse.

The 40-year-old woman will serve the sentences concurrently.

About a dozen victims were in court Thursday. Several testified about how ID theft had destroyed their credit ratings and left their lives in turmoil.

Thieves were blamed for getting the data of more than 3,000 Irving teachers and other district employees from an old benefits report. Seeley, who was arrested in 2009 at a mall, says the information she used came from a binder thrown in a trash bin.

(see original article here)

Business Associates Can Pay Directly For Breaches

Business associates can be directly liable for a breach of unsecure protected health information (PHI) and could have to pay OCR directly, a top OCR official told HealthLeaders Media at the 18th Annual National HIPAA Summit Wednesday afternoon.

HealthLeaders Media asked Sue McAndrew, deputy director for Health Information Privacy for OCR, if a business associate could end up paying out of its own pocket for a breach.

The answer is yes.

“Business associates going forward will be directly liable for violations that occur in their possession,” McAndrew said. “The fines would be imposed upon the BA, and if they can’t pay, we send them to jail.”

McAndrew laughed at the line about “jail,” and said it was in jest.

However, she went on to say OCR would consider waiving—or decreasing—some of the penalties after an assessment of the financial state of a violating hospital. She also said that the “settlement door is always open.”

On Wednesday, McAndrews also released breach numbers for the month of January:

• As of January 2010, there have been 35 reports of breaches affecting 500-plus individuals, resulting in 712,000 notices.
• Most of the reports were ePHI contained in lost or stolen unencrypted media or portable device.
• There were more than 300 reports of smaller breaches.
• Most of the paper records were sent to wrong fax numbers, wrong addresses, and wrong individuals.

(see original article here)

Social Security numbers found lying in street

Sensitive documents mysteriously appear in Des Plaines, putting identities at risk

The W-2 form of Jeffrey Simmons of Santa Rosa, California, lies on the ground on the 1000 block of East Touhy in Des Plaines, Ill., on January 28, 2010. The W-2 came from MEDHQ, LLC in Westchester, Ill. Hundreds of documents including W-2 forms, financial and retirements statements, credit card accounts statements, and among others were found blowing in the wind.

When Elida Cruz worked in the banking industry, she assured clients that their personal information would remain confidential.

So, imagine her horror when she learned that much of her own information, including her Social Security number, birth date, phone number and job history, had become astonishingly public, floating down a Des Plaines street in a cloud of half-shredded paperwork.

Hundreds of sensitive, intact documents — including W-2 forms, investment account balances and job applications — were inexplicably swirling around Touhy Avenue and Eastview Drive on Thursday afternoon. After being tipped to the airborne paper trail, the Tribune contacted some of the people and companies listed on the documents.

None of them knew how the papers could have ended up in the street.

“I am pretty much disgusted with this,” said Cruz, 47, of Chicago, who was notified that at least 17 documents with her Social Security number (the apparent remnants of an old job application) had been retrieved. “All of that is sensitive information. You would think your stuff is secure.”

Privacy experts say the loss of confidential paperwork illustrates that even in an electronic age, stray documents remain a danger.

“It’s a lot more frequent than people would suspect,” said Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse in San Diego. “Most of the time it’s just not discovered.”

His group, which pushes for tighter privacy laws, tracks breaches of sensitive information. Though computer hackers are behind most such data loss, careless document disposal still causes problems. Since 2006, the clearinghouse has noted 33 cases of legal, medical and financial paperwork discovered in trash bins.

Losing track of sensitive documents can have serious consequences.

Washington, D.C., attorney Christopher Wolf, founder of the Future of Privacy Forum and a partner at Hogan and Hartson, said state and federal laws on data security have gotten tougher in recent years. Companies that lose records often must announce it publicly, he said — a public relations nightmare.

“These laws certainly have spurred compliance, and every major corporation now understands they have a data security obligation,” he said. “Companies know they can’t put sensitive records on the curbside or throw them in the Dumpster. It’s not to say that never happens, but it’s rarer.”

Many companies contract with vendors to destroy their paperwork. That is the case with MedHQ, a Westchester firm that provides business services to healthcare providers. Some of its employees’ 2009 W-2 forms were found in Des Plaines.

Tom Jacobs, MedHQ president, said he called his shredding company (he declined to name it), but no one there claimed responsibility.

“I don’t know how it could have happened,” he said. “It is really upsetting to know there might be some documents out there that are loose like that. We are down near Oak Brook and don’t have any customers in that area.”

David Collins, owner of Lindy Manufacturing, a metal stamping company in Downers Grove, said his business does all of its shredding in-house. He also had no clue how employees’ 401(k) statements from several years ago could have escaped.

“It disturbs me a lot,” he said. “You just have to trust that these people (with access to sensitive papers) will do the right thing.”

Robert Johnson, executive director of the Phoenix-based National Association for Information Destruction, said a good shredding company maintains an unbroken chain of custody over its documents, with a screened employee taking them from locked container to locked vehicle to secured shredder.

He guessed that a recycling company or waste hauler might have been the source of the Des Plaines paperwork.

“It would explain why materials from disparate sources would have ended up in one place,” he said.

Des Plaines police said Friday they had no reports about the paper trove.

The National Insurance Crime Bureau, whose Touhy Avenue headquarters are close to where the documents were discovered, had its employees collect as many as they could and plans to return them to the people named in the papers.

“If we see who belongs to the stuff, we will get it back to them,” spokesman Frank Scafidi said. “It’s definitely not ours.”

Freelance reporter Krystyna Slivinski contributed to this report.
(see original article here)

Medical files found in trash

PORT ST. LUCIE, FL — Police on turned up medical files in a trash bin near University Medical Clinics that contained information that could be used to commit identity theft, a police spokesman said Wednesday.

Police determined the files, which contained information including patient names, Social Security numbers, phone numbers and addresses, had been discarded from University Medical Clinics in the 1800 block of Southeast Port St. Lucie Boulevard, said Officer Tom Nichols, police spokesman.

A man identified by Nichols as a high ranking official with the company indicated an employee had thrown the files way.

“A garbage bag full of medical records is not an oversight,” Nichols said.

Dr. Samuel Sadow, CEO of University Medical Clinics, said Wednesday he didn’t think any patient information had been compromised.

“We’re very concerned about it and we’re doing our own internal investigation,” Sadow said.

Nichols said the records were returned to the office.

Nichols said the files initially were found by a woman acting on an anonymous tip that they’d been discarded. That woman then notified police of her discovery.

(Read original article here)

Converge Adds IT Asset Disposition Services to Singapore Plant

Converge, a leading supply chain services company based in Peabody, Mass., has announced the expansion of its international IT asset disposition (ITAD) facilities to support the secure, “green” disposal of obsolete computer equipment.

Converge’s Singapore facility, which it calls a state-of-the-art hub for electronic components distribution, has been expanded to include a full suite of ITAD services.

“Global presence and capabilities have become key decision criteria for enterprises selecting an ITAD partner,” says Converge CEO Frank Cavallaro. “Today we have an unsurpassed worldwide network of facilities and expertise for advanced services that support the entire electronics life cycle.”

The enhanced Singapore ITAD operation joins Converge’s full-service facility in Schiphol, Netherlands, servicing Europe. These new centers complement Converge’s ITAD capabilities in the United States, with major facilities in Peabody and Columbus, Ohio

“The Fortune 1000 customers that we serve absolutely require in-region resources for the risk-sensitive disposal of retired IT assets,” says Chris Adam, Converge vice president of ITAD services. “They demand security and transparency throughout the entire process, from preparing IT assets for shipment to physically transporting them to the most appropriate processing facility. This cannot be accomplished without a uniform process that provides full visibility into each step of the disposition process.”

In addition to Converge-owned facilities, the company has developed a network of “managed partners” worldwide, which it claims provides “a single, seamless process across all its global ITAD service offerings.” The company says its process is tied together by its proprietary Asset Manager Web-based reporting system, which provides clients with real-time visibility into the process and features detailed reporting, metrics and benchmarking tools.

Converge is a global supply chain partner for technology-driven companies. The organization’s three business divisions provide to just-in-time distribution of electronic components, reverse supply chain solutions and secure IT asset disposition.

Finnish Firm Opening Electronics Scrap Recycling Facility in Pennsylvania

The Pennsylvania Recycling Markets Center, Inc. announced the launch of an electronics recycling facility in Philadelphia by the Finnish firm Kuusakoski. The new facility will be called Kuusakoski Philadelphia, LLC. It will be a wholly owned subsidiary of the European company Kuusakoski OY.

The launch culminates in two years of technical management and project coordination by the non-profit company. At full production, the electronics recycling facility, slated to cost around $10 million, will recover and process at a minimum 15,000 tons of electronic scrap a year. The facility will employ about 30 people in the operation.

The Kuusakoski processing technology is the first of its kind introduced to the United States, which is presently operated at locations in Finland, Sweden and Russia. In addition to the processing facilities in those three countries, the company operates a host of trading offices throughout the world.

“We are excited and eager to move forward in building many new business opportunities,” said Richard Burgess, president BGA Commodities; newly appointed as CEO and managing partner of Kuusakoski Philadelphia.

Burgess takes over the operation of the wholly owned subsidiary of Kuusakoski after the Finnish company acquired his facility. In addition to electronic scrap, the plant handles some types of industrial scrap metal.

Burgess says that the facility, to be located at the location where BGA operated, will have two large pieces of equipment installed. The first item should be installed by early 2010, while a larger piece of equipment should be in place by the end of 2010. In the meantime, the company will use the facility to collect material and ship the unprocessed electronics to Kuusakoski’s European locations.

When the equipment is installed, the company will do processing of both the plastics as well as metals, shipping the processed material to end sources.

“Kuusakoski has proudly partnered with BGA Commodities and the Recycling Markets Center to make this project a reality.  “Without involvement of RMC, it is likely our efforts to invest in Pennsylvania would not have occurred,” said Vesa Samela, Kuusakoski country manager USA, board member of Kuusakoski Philadelphia, LLC.  “Further, we have received a cordial introduction from the Department of Environmental Protection in Pennsylvania.”

The Pennsylvania Recycling Markets Center provided management support though all phases of the economic development project, including business planning; loan, grant, and tax credit coordination; facilitation of opportunities with the Departments of Environmental Protection and Community and Economic Development; introduction to the Governor’s Action Team; introduction to the Philadelphia Industrial Development Authority; introduction to the Center for International Regulatory Assistance; and technology and process validation.

EPA Fines California Company for Violating Export Laws

The U.S. Environmental Protection Agency has issued an order seeking penalties up to $37,500 per day to Monterey Park, Calif.-based ZKW Trading for failing to properly manage electronic waste that it attempted to export to Hong Kong.

“This agency is firmly committed to greater e-waste stewardship; companies that make, distribute, use, and dispose of electronic products share the responsibility for reducing their environmental impact,” says Jeff Scott, director of the Waste Management Division for EPA’s Pacific Southwest region. 

EPA issued the penalty order after ZKW failed to comply with a September 2009 order requiring ZKW to remove its cargo from the Port of Long Beach and to submit a plan for management of electronic waste that ZKW had shipped to Hong Kong without providing required notice. 

The waste was part of a shipment of about 31,993 pounds of cathode ray tubes that had been rejected in Hong Kong and returned to the Port of Long Beach. ZKW failed to provide appropriate notice to EPA or to the receiving country as required by federal law. After receiving the earlier order, ZKW informed EPA that it would not comply with the order.

“EPA requires all exporters of e-waste for recycling to provide notification,” said Amy Miller, who leads Resource Conservation and Recovery Act enforcement in EPA’s Pacific Southwest region. “Companies that fail to comply will face significant penalties.” 

The EPA also noted that in June 2009, ZKW Trading reportedly consigned 38 pallets of cathode ray tubes – listing the cargo as plastic scrap – for shipment to Hong Kong, where it was rejected by Hong Kong customs authorities.   

The order gave ZKW Trading 30 days to remove the cargo, and forty-five days to submit a plan to the EPA detailing how it will reuse, recycle, or discard the CRTs.  ZKW Trading’s failure to comply subjects it to fines of up to $37,500 per day of noncompliance.

Regulations took effect in January 2007 requiring exporters shipping CRTs to another country for recycling to notify the EPA and receive written consent from the receiving country before shipments can be made.

The seamless integration between KOM Networks and CommVault offers a way to reduce costs, drive greater operational efficiency and simplify the way organizations manage, retain and protect their information.

KOM Networks, based in Ottawa, Canada, a provider of storage management solutions for secure archiving, has certified its KOMpliance with Simpana 8 software from Oceanport, N.J.-based CommVault to provide data storage, search and management solutions for small businesses to large enterprises. 

In a press release, the companies note that “the seamless integration between KOM Networks and CommVault offers a way to reduce costs, drive greater operational efficiency and simplify the way organizations manage, retain and protect their information.”   

According to the companies, their technology relationship “will provide the availability of an integrated offering that addresses a wide range of compliance requirements at a very affordable price without sacrificing reliability or performance.”.

KOMpliance is a turnkey archive storage solution that uses standard file sharing protocols to deliver a secure universal file archive repository, according the KOM Networks. KOMpliance is available with its own storage capacity or as a SAN (storage area network) gateway to create secure archives using fiber channel and iSCSI storage resources. No agents or client licenses are required. 

 “Both CommVault and KOM have similar ideals in providing a very simple way to reduce costs, risk and manage growth while upgrading their technical infrastructure,” says Kamel Shaath, chief technology officer of KOM Networks. “Our integrated offerings will provide the best of all worlds, including Simpana software’s data deduplication, which complements the KOMpliance solution, eliminating redundant data to save on storage costs.”

CommVault Simpana software uses a single-platform architecture that is designed to enable companies to reclaim space on primary storage, reduce off-site storage by up to 90 percent and eliminate up to half their tape drives, according to the company. The enterprise data management software features data deduplication, laptop and desktop protection, remote office data management and advanced copy management features.

Shredding Service Fort Lauderdale

MicroShred

Secure Mobile On-Site / Off-Site Document Shredding Company – Fort Lauderdale, Florida