Posts Tagged ‘shred’

If there’s a Shred of Evidence it’s Not Shredded

Monday, October 28th, 2013

“What’s the minimum shred size?”

Recently I got a great question from one of my Compliance Helper clients:

“This may seem like a silly question, but is there any type of HIPAA compliance requirements for shredder types?  For example, minimum shred size?”

Not a silly question at all! Of the organizations that shred their paper documents (there are still way too many that don’t), a large portion of them are not shredding their documents to a point that they are actually doing so effectively. Here are some points and tips (more…)

Disposal Dummies Cause Privacy Problems

Thursday, May 31st, 2012

A couple of weeks ago I was doing a consulting call with a small startup business (that in a short span of time is already performing outsourced cloud processing for a number of really huge clients) about information security and privacy.  They had implemented just the basic firewall and passwords, but otherwise had no policies, procedures, or documented program in place.  I provided an overview of the need for information security and privacy controls to be in place throughout the entire information lifecycle; from creation and collection, to deletion and disposal.  They were on board with everything I was describing until we got to (more…)