Pacific Northwest Shredding, Inc. Blogs

No company would allow every employee to use its checkbook or offer them the choice of shotting off the Internet firewall. However, as ludicrous as these ideas sound, they are not much different from allowing each employee to decide what should or should not be shredded. Simply directing employees to discard information that “they” feel is confidential jeopardizes the organization's future. If they make the wrong decision about what is and isn't safely destroyed, or if they are distracted, too busy, or too sluggish to do the right thing, the consequences could be disastrous. There are numerous studies that demonstrate the severe effects of data breaches (defined as any illegal access), including their financial impact. The heart of the "employee discretion" problem is providing them with several disposal alternatives for discarding paper. The better way is to give them only one disposal option that assures the material will be securely destroyed. Every piece of paper, including mail, notes, reports, drafts of letters, and proposals, may include sensitive or confidential information. If an employee is given the option of putting these goods in the trash, the recycling bin, or the destruction receptacle, they may make the wrong decision. The organization's data security is not only determined by their judgment, but also by their state of mind. Did they get a horrible night's sleep, are they hungover, tired, or even disgruntled? Are they simply too preoccupied with their work to worry about selecting the correct bin? A data leak isn't the only issue with having several disposal routes for paper and electronic devices. It also undermines future challenges to the integrity of regulatory compliance and jeopardizes intellectual property legal rights. All the lawyer, auditor, or regulator needs to do is ask, "How can you tell the court you're sure it was properly destroyed when you gave every employee the option of not destroying it?" The solution to this problem is to eliminate employee discretion by creating a single "destruction-by-default" disposal policy that applies to all media. Many groups are already doing so. They have sensibly determined that the risk and related cost of giving employees control over what is and is not destroyed is unreasonable.  In this new model, all of the organization's discarded media is considered confidential and deserving of shredding, which is more than likely the case. Contact Pacific Northwest Shredding today to learn how we can help! © 2024 Pacific Northwest Shredding, Inc. - All rights reserved.

ESG obligations are increasingly important to Pacific Northwest Shredding's clients. Academic research from the University of Washington and Oregon State University, as well as surveys by the Pew Research Center and Gallup, indicate that the Pacific Northwest is more sensitive to environmental, social, and governance issues than other regions in the United States. This is no surprise to those of us who live here. As a result, organizations in the region are increasingly proud of their dedication to ESG issues, which are routinely affect their buying decisions and are baked into annual reports, investment plans, and political lexicons. It is clear, therefore, that when hiring service providers, organizations in the region should examine how such vendors can contribute to their own ESG profile. ENVIRONMENTAL RESPONSIBILITY Pacific Northwest Shredding recycles 100% of the recyclable material that is destroyed. Almost everything is reused, even shredded paper and computer hard drives. In fact, if these objects were shredded in-house, they would almost surely end up in the trash. As a result, using Pacific Northwest Shredding to secure essential documents is one of the most crucial components of our clients' environmental responsibility efforts. SOCIAL RESPONSIBILITY Pacific Northwest Shredding's services help to support a local, minority-owned family business. In an environment where alternative options for commercial shredding are enormous, national corporations, our clients may be proud that they are supporting a Washington-based firm with a decades-long history. RESPONSIBLE GOVERNANCE. Pacific Northwest Shredding is one of the only secure destruction service providers that supports their clients' governance priorities. Our internal capabilities, which include an internationally recognized Data Protection Officer, a globally recognized certification, and cutting-edge policies and contracts, allow us not only to exceed regulatory compliance, but also to assist our clients in understanding and meeting their own compliance requirements. We may help our clients establish the necessary disposition policies and procedures, respond to regulatory inquiries, or simply address concerns about any data-related regulation. It is crucial to note that if a secure destruction service fails to comply, so will its customers. As a result, Pacific Northwest Shredding's activities are critical to our clients' compliance, which is consistent with their governance aim. Ironically, while misaligned governance is the most likely to get a company in trouble, it is also the most misunderstood and overlooked ESG responsibility. Fortunately, Pacific Northwest Shredding clients don't have to worry about this. SAY "NO" TO ESG-WASHING Unfortunately, since more clients are looking for service providers that can improve their ESG profile, many vendors misrepresent their capabilities. It's called "ESG-washing," and the fact that it has a name shows how widespread it has become. Pressing service providers on such statements is one of the most effective ways to see if they are walking the talk. It's one thing to state that ESG is important but find it more difficult to explain how. Of course, another option is to contact Pacific Northwest Shredding. We welcome such conversations and are glad to help. Copyright 2024 Pacific Northwest Shredding, LLC. - All rights reserved.

The accumulation of old records and electronics plagues most organizations, so we wanted to provide some reasons why it’s time to finally get rid of them the right way. 1. Keeping old records undermines an organization's records retention policy. An organization violates its own policy if it permits the existence of records that are beyond the set retention periods' control or controllable parameters. When the business must rely on the integrity of the retention schedule to validate ultimate disposition during a legal or compliance situation, this could come back to haunt it. 2. Old records and electronics pose a security threat. It makes sense that the longer records and electronics are kept, the greater the possibility that they will end up in the wrong hands and that they will be retained longer than is necessary. Let's imagine an old laptop is taken from the storeroom a year after it was placed there because an employee decides no one cares (or is looking). Exactly why not? Who will be aware? No one, up until the employee sells it on eBay and the data becomes public later. Of course, this risk also applies to collections of unnecessary paper records that are kept. An aging warehouse is cleaned out by a diligent custodian. Four hundred cartons that a hospital placed in a dilapidated outbuilding 20 years ago go unremembered. These are not merely speculative examples. They have happened and will continue to happen as long as they are allowed to accumulate. 3. Uncontrolled ​​documents and outdated devices make legal discovery dangerously more difficult. In a legal proceeding, “discovery” mandates that the opposing sides turn over to the other all the records associated with a criminal investigation or civil lawsuit. The problem is that unsupervised records (either paper or electronic) are stashed away in offices, backrooms, and self-storage facilities. And woe to the organization that claims that "discoverable" records were destroyed in accordance with a retention schedule when it later comes to light during a deposition that those records might still be accessible in another way. And when the opposing party or the judge learns that a self-storage facility is full of long-lost documents or electronic equipment that could be remotely relevant, not only will a lawyer soon begin searching through them to see what is there, but it also raises suspicion and may result in significant retaliation, such as giving the jury an instruction on adverse inference. You see what I mean. Legal discovery becomes a nightmare when unmanaged records or electronic equipment accumulate. 4. Accumulated records and electronics violate new privacy laws. Nineteen states have passed privacy laws that forbid organizations from retaining personal information for longer than necessary. And since most old records and electronics have such information on them, retaining them longer than needed is a violation of those new laws. Additionally, those same privacy regulations grant people the right to, one, have their information destroyed after the transaction is over, two, access all information maintained by the data controller, and three, know how their information is stored. Accumulating old records and electronics flies in the face of these rights as well. What to Do? There are three methods for reducing the danger posed by accumulated records and electronics. The first is not to accumulate them in the first place. Employees should routinely be reminded of the dangers of obsolete and unmanaged documents, as well as old electronics, emphasizing the negative effects of their unwarranted buildup. The second thing is to set up a method for disposing of devices that have amassed and are out of control through semi-annual purges. The third step is to make sure that the organization’s stored records are securely destroyed once a year according to a predetermined retention schedule. Fortunately, there is an easy, cost-effective way to do this. Why not make an appointment for a visit from one of our mobile shredding trucks? Our polite, screened, and trained driver and our state-of-the-art equipment can shred years’ worth of old documents in minutes.

A person’s medical records are widely considered the most private of all, with recognition of the need for confidentiality dating back as far as the Hypocritic Oath in 400 BC. Presently, Washington’s My Health Data Act and national regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act impose much more direct and consequential privacy requirements, including severe penalties and large fines for allowing unauthorized access. This means that when smaller medical facilities such as doctors’ offices, laboratories, surgical centers, and pharmacies fail to fulfill their legally mandated data destruction obligations, as many do, it is both risky and potentially very costly. Especially when one considers that medical data breach notification is now a national law and healthcare identity theft is the most troublesome form of identity fraud. Many of these medical offices report that they have tried office shredders, discovering after that no one used it or that, when they did, the machine was too slow and easily broke down. Some medical offices feel they are so small, and their volume of destruction is so little, that they are safe to tear it up or just toss it in the trash. That’s probably what the Arkansas chiropractor fined $321,000 for improper disposal of records last year thought. Same for the Beth Israel Senior Health Center when their trashing of records made headlines in the New York Times, and the North Carolina doctor fined $40,000 when patients' records were discovered in his dumpster. What makes these events even more unfortunate is that most healthcare professionals want to do the right thing. These problems resulted because the solutions available to them haven’t worked. Some have given up, intentionally remaining in the dark about what happens to the daily flow of paper from their offices, or they run out and buy a shredder, hope their staff will use it. Pacific Northwest Shredding to the Rescue Fortunately, there is a solution that works: Pacific Northwest Shredding’s on-site service. Whether cleaning up a backlog of material or for routine removal, why not make an appointment for a visit from one of our mobile shredding trucks? Our polite, screened, and trained driver and our state-of-the-art equipment make the process painless, and you can rest assured everything’s properly destroyed.  Contact us today to learn how even the smallest medical offices can benefit from our cost-effective, routine service.

Aware that discarding sensitive information is illegal, many cautious, cost-conscious businesses believe an office or personal shredder is the solution. What they fail to realize is that, whether it is the office or the home, relying on a small shredder is among the most expensive and least secure options. The Shredding Imperative At work, securely shredding sensitive information prior to disposal is the law. Any organization with customers or employees must comply with one or more regulations that require sensitive information to be destroyed prior to disposal. And, while the regulatory fines for disregarding this requirement grow by the day, so do client and employee retribution. At worst, they can bring a lawsuit. At minimum, they will find another place to do business. In the home, it is a little different. While there is technically no law requiring an individual to protect their own personal information, it is important to avoid putting one’s family at risk of identity theft or privacy violations. Personal Shredders Are Not the Solution The first problem with relying on personal shredders, either at home or work, is that people avoid using them. Shredders are slow and laborious (not to mention noisy), and there is a strong temptation not to use them. Before long, the shredder is unplugged and collecting dust. Secondly, even if the shredder is used, it is going to end up in the trash, where dumpster divers can easily find it. It is widely known by identity thieves that shredded paper can be reconstituted (and even admitted as evidence by courts). Now, in an environment of high-speed scanners and AI, this ability is at everyone’s fingertips. The fact is, putting shredded paper in the trash—even crosscutting—only tells the bad guys what to take. They probably appreciate that. The third problem with personal shedders is that, if used with any regularity, they are prone to breakdowns. This is especially true in the office. As a result, instead of being shredded, the sensitive information piles up. Finally, someone gets frustrated and tosses it out. All anyone knows is that it’s gone. Never mind how. Fourth, and finally, even if the shredder is being used conscientiously and stays in good working order, its use provides no ongoing documented record of compliance with data protection or records retention policies. Why is this important? Because data protection regulations now require the ability to demonstrate compliance over time. Pointing to a shredder in the corner of the copy room isn’t sufficient. And so, with this additional requirement in mind, using a personal shredder takes on a new level of inconvenience, since to be compliant with regulations would require elaborate chronicling of each use. The unfortunate part is that those who attempt to use personal shredders have the right idea and the best of intentions. They just want to do right by their families and their customers. Luckily, there is a better option. Pacific Northwest Shredding’s mobile service is used by an increasing number of businesses and households to protect themselves.  Contact us today to learn how we can help.