How the Data is Stolen
According to the BBB, most identity thieves still obtain personal information through traditional means, rather than electronic means. Where the method of theft is known, almost 70% of information was obtained by dumpster diving and physically stealing the data, versus 11% obtained online. This includes dumpster diving, theft of mail, wallets, checkbooks etc.
One of the best self-defense measures businesses can implement is to shred information before discarding it. Even the smallest business can afford an to outsourse their shredding to a professional shredding company. Staff members should be instructed to place all confidential information into a locked bin or other location until it can be picked up and shredded by a professional.
What Should Be Shredded
A professional paper shredding program can help you be in compliance with the various State and Federal Laws. These laws mandate that you protect the private information of your employees, customers and patients. In order to be compliant with the various state and federal laws and protect yourself, stockholders, employees, and customers/patients, you should destroy all confidential and outdated material.
- Shred any document, which contains confidential material (designs, proposals, plans, and drafts of such information.)
- Shred any document which could be used for the purpose of identity theft (social security numbers, customer lists, credit applications, tax returns, etc).
- Shred any document which could cause harm in the hands of criminals or competitors (canceled checks, price lists, business plans, credit card numbers)
- Shred any document which is mandated to be protected by privacy laws such as HIPAA (health care), GLB (financial) or FACTA (general).
- Shred any papers which could cause harm to you or others in the hands of criminals.
Click here to see many examples of documents which should be routinely shredded.
Report Details Risks of Data Theft
The overwhelming majority of victims of a security breach blamed the offending institution for the data breach, according to a survey involving 1,100 American adults who received security-breach notifications alerting them to a compromise of their personal information.
In some cases, the confidential records that were stolen before they could be destroy or were never going to be shredded. In other cases, computer data was stolen. It is not clear how much of the data was stolen from disk drives which were disposed of instead of being shredded.
The survey determined that 92% blamed the company for the loss of their personal information, 19% left the company due to the issue, and 40% are considering taking their business elsewhere. Another 5% are seeking legal advice for possible lawsuits.
You Can Get Fired For Not Protecting Data
The following is just one example of people getting fired for not protecting data.
Secretary of Veterans Affairs R. James Nicholson, has acknowledged three firings associated with the theft of a Veteran Affairs laptop computer containing personal information on over 26 million current or former members of the U.S. armed services. He said that other personnel actions were also taken. "The acting assistant secretary was let go," Nicholson said, "and the deputy assistant secretary has been let go."