Who Must Comply with the Gramm-Leach-Bliley Act:
-Banking and credit issuing
-Insurance
-Stocks, bonds, and investing
-Financial Service Providers
Penalties for Non-Compliance:
Up to $100,000 for each violation.
Criminal penalties may include up to five years in prison.
Frequently Asked Questions
Why Docu-Shred?
Why switch from your current office shredder?
Is recycling my paperwork good enough?
Do I really need an information security and document destruction plan?
What about the records I have under lock and key? Aren't they safe?
What types of information should be destroyed?
What types of documents contain this information?
Q: Why Docu-Shred?
A:-Highest Security
We provide the highest level of security with our on-site shredding service and locked containers. We never handle your confidential information as they are fed automatically into the shredder.
-On-Site.
Shredding on site insures that the opportunity for information theft is drastically reduced. Allows the customer to audit our service at any time.
-Scheduled or bulk clean out services.
We can help your business with a scheduled service tailored to your needs or a bulk clean out to get rid of those old records you no longer need.
-Certified Technicians.
Before any of our employees enter your business, they have gone through a pre-
employment criminal background check and drug screening. To maintain their certifications they must submit to random drug testing as well as comply with our appearance and behavior standards which include uniform and photo identification badge.
-Insurance Protection.
We are insured and bonded to provide your business peace of mind and we accept the liability for your destroyed documents in case the unthinkable happens.
Q: Why should we switch from our current office shredder?
A: A high end typical office shredder can handle approximately 20-25 lbs. of paper in an hour. If you were to destroy 400 lbs. (standard 4-drawer file cabinet full) of documents, it would take an employee 15-20 hours to complete the task. When our truck shows up we can do the same job in under ten minutes. Your employee can get back to doing what is really important -- working for you.
Q: Is recycling my paperwork good enough?
A: Recycling is not an adequate alternative for information destruction. To extract the scrap value from office paper, recycling companies use unscreened, minimum wage workers, to extensively sort the paper under unsecured conditions. The “acceptable” paper is stored for indefinite periods of time until there is enough of a particular type to sell. The sorted paper, still intact, is then baled and sold to the highest bidder, often overseas, where it may be stored again for weeks or even months until it is finally used to make new products. There is no fiduciary responsibility inherent in the recycling scenario. Paper is given away or sold and, by doing so, a company gives up the right in how it is handled. There is, also, no practical means of establishing the exact date that a record is destroyed. In the event of an audit or litigation, this could be a legal necessity. And, further, if something of a private nature does surface, the selection of this unsecured process could be interpreted as negligent. For all these reasons, the choice of recycling as a means of information destruction is undesirable from a risk management perspective. If environmental responsibility is a concern, materials may be recycled after they are destroyed or a firm can contract a service that will destroy the materials under secure conditions before recycling them. Any recycling company that minimizes the need for security has its own interests in mind and should be avoided.*
Q: Do I really need an information security and document destruction plan?
A: Every Business Has Information That Requires Destruction. All businesses have occasion to discard confidential data. Customers lists, price lists, sales statistics, drafts of bids and correspondence, and even memos, contain information about business activity which would interest any competitor. Every business is also entrusted with information that must be kept private. Employees and customers have the legal right to have this data protected. Without the proper safeguards, information ends up in the dumpster where it is readily, and legally, available to anybody. The trash is considered by business espionage professionals as the single most available source of competitive and private information from the average business. Any establishment that discards private and proprietary data without the benefit of destruction, exposes itself to the risk of criminal and civil prosecution, as well as the costly loss of business.*
Q: What about the records I have under lock and key? They should be safe.
A: Stored Records Should Be Destroyed On A Regular Schedule. The period of time that business records are stored should be determined by a retention schedule that takes into consideration their useful value to the business and the governing legal requirements. No record should be kept longer than this retention period. By not adhering to a program of routinely destroying stored records, a company exhibits suspicious disposal practices that could be negatively construed in the event of litigation or audit. Also, the new Federal Rule 26 requires that, in the event of a law suit, each party provide all relevant records to the opposing counsel within 85 days of the defendants initial response. If either of the litigants does not fulfill this obligation, it will result in a summary finding against them. By destroying records according to a set schedule, a company appropriately limits the amount of materials it must search through to comply with this law. From a risk management perspective, the only acceptable method of discarding stored records is to destroy them by a method that ensures that the information is obliterated. Documenting the exact date that a record is destroyed is a prudent and recommended legal precaution.*
Q: What types of information should be destroyed?
A: Information should be destroyed that contains the following:
Telephone Numbers
Drivers License Numbers
Passport Number
Individual Education Files
Credit Card Numbers
Bank Account Information
Addresses
Social Security Numbers
Insurance Policy Data
Employment Information
Debit Card Numbers
Brokerage Account Information
Q: What types of documents contain this information?
A: Documents to be shredded include:
Legal Documents
Medical Records
Financial Statements
Profit & Loss Statement
Accounting
Files/Records
Organization Charts
Personnel Files
Payroll Records
Audits/Surveys
Market Research
Bank Statements
Tax Records
Contracts
X-Rays
Lottery tickets
Client Lists/Files
Receipts/Invoices
Price/Inventory Lists
Proposals and Quotes
Canceled Checks
Business Plans
Photographs
Presentations
R&D Files/Data
Computer Reports
Credit Card Numbers
New Product Information
Executive Correspondence
Obsolete Documents
Brochures/Stationary/Files
Pull-Tabs
*Information obtained from www.NAIDonline.org
