October 12, 2008
Houston, Paper Shredding
No Comments
There are various options for paper shredding in Houston offices, but the need of paper shredding in Houston homes, is equally important and necessary. Like most of the other states the trend of shredding paper has just about set in many homes. Earlier the application of paper shredding in Houston was restricted to the government offices, where confidential papers on national security or other such documents would be shredded. But after the 1984 amendment by the Supreme Court which permitted the seizure of garbage from homes, there has been an increased use of shredding machines in both, homes and offices.
There are various reasons why paper shredding in Houston homes is required. One of the most vital reasons is the growing rates of crimes like identity theft. These crimes are the easiest to commit and they also provide for financial crunches which are not even possible with regular crimes. For example, the disposals of your credit card statement in the garbage, can fall into the hands of unwanted people. This would mean that all the information in the statement, including the credit card number, can be misused. The person or people, who get this information can use it to their benefit by using your credit card. The crime would not be detected till you receive the statement from the bank and often the theft can be beyond a payable limit. Any crime can also be committed using your identity, which would also make you the prime suspect in a robbery or a scam.
Hence it is always advisable to dispose all documents through shredding in Houston. These shredding machines are easily available and they don’t occupy too much space in the house. They are different from the shredding machines at office and are much lighter in weight. Also the process of shredding your documents through these shredders would take very little time as compared to doing the same manually. Through this process multiple documents can be disposed at one go instead of tearing or cutting each of the documents separately.
There are various kinds of documents which can be shredded through these machines. These include documents that have your social security number, credit card statements, details of your bank accounts and pass books, any document which is related to property and is confidential. All of these documents can be destroyed through paper shredding machines. The process is safe and ensures that your confidential documents are not passed to wrong hands.
July 5, 2008
Paper Shredding
No Comments
Why would I pay someone to do paper shredding when I can do it right here in-house? I hear this question a lot. And the answer is pretty simple. Why? Because it will save you money.
The Attorney General has made it pretty clear that he is serious about protecting Texans from Identity theft. Businesses found in violation of the strict new identity theft laws will find themselves not only getting beat up in the press, but writing a substantial check to the state and preparing for civil lawsuits. Using a professional paper shredding service that provides a certificate of destruction allows that company an audit trail and shows compliance with the new laws.
Another reason is time. When you are paying a person six figures you sure as heck don’t want that person spending their time at the shredding machine trying to figure out how to unjam it. You can delegate the shredding duties to a low level employee, but do you really want that person to have access to the company’s most sensitive information? I think not. And what’s worse, as you can read in the press, a lot of times that employee decides it would be much easier to just dump them in the back dumpster.
Stay tuned for part II on the advantages to outsourcing your paper shredding.
June 2, 2008
Anything Texas
No Comments
From the Texas Attorney General’s website…..
New Texas laws underscore the need for businesses to be extremely careful when handling and disposing of their customers’ personal information. Simply exposing the information to the risk of identity theft carries some hefty penalties, irrespective of whether the information ended in the wrong hands.
Some of the most common ways in which businesses mishandle sensitive information is by failing to shred receipts and other documents with customers’ personal data before throwing them into the trash. Several large companies which have improperly disposed of records with information such as credit card and Social Security numbers faced swift legal action by the Attorney General. Our investigators conduct routine spot-checks around the state as part of ongoing enforcement efforts. This office also investigates other types of neglect by businesses, such as improperly safeguarded databases or Web pages through which consumers submit personal information.
Penalties against businesses who violate Texas’ identity theft provisions are substantial. For example, New provisions of Chapter 35 of the Business and Commerce Code require businesses to develop retention and disposal procedures for their clients’ personal information. The law provides for fines of up to $500 for each record that could potentially land in the wrong hands. And the new Identity Theft Enforcement Act could mean fines of up to $50,000 for each similar violation – even for a single record. Additionally, businesses that give consumers specific reassurances about how their privacy will be protected could face penalties of up to $20,000 per violation if they fail to live up to those promises.
The reason for these strict new laws is clear: They help protect millions of Texans from becoming the next victims of identity theft. The laws also help safeguard the business community at large, which is facing mounting losses as a result of identity theft.
Identity theft is the fastest growing crime in the country. According to federal statistics, more than 20,000 Texas families file identity theft complaints each year – and that number simply reflects those who are aware they are victims. For many consumers, it takes months or even years to discover they have been victimized, and by that point the harm against them is substantial. Nationally, it is believed that identity theft drains at least $50 billion from our economy – most of it attributed to losses businesses must absorb when identity thieves run up huge lines of credit and make other purchases under the name of their victims.
For consumers, becoming the victim of identity theft is an emotional nightmare. They often face countless hours filing police reports and communicating with merchants, credit card companies and credit bureaus to clear up their name. They must often defer important plans, such as purchasing a home or new car, and will find it exceedingly difficult to obtain lines of credit for months or even years.
Businesses are hit hard, too. With just a few pieces of a consumers’ personal information some criminals have been able to secure high-limit credit cards and even buy cars or homes under their victims’ names. Not only does this hurt the bottom line of the business community at large, but could ruin a small business if it extends large lines of credit to even a single identity thief.
Businesses understandably want to know what they can do to help prevent identity theft. Since a business’ size and the types of data it handles can vary widely, each business should carefully review its practices and put in place necessary measures that will prevent clients’ personal information from ending up in the wrong hands.
The following are some of the types of client information most susceptible to being mishandled or improperly discarded by businesses:
- Credit and debit card numbers
- Social Security numbers
- Bank account information
- Mother’s maiden names
- Passwords
- Dates of birth
- Account numbers within the business (i.e. membership number)
This information commonly appears in the following paper documents and electronic files:
- Receipts
- Refund forms
- Credit and employment applications
- Bank statements
- Checks / money orders
- IRS-related documents
- Personnel files
- Medical records
- Sweepstakes entry forms
- Email / Hard copy correspondence
- Disks, magnetic tape, and all other data storage devices
- Discarded computers
It’s important to note that Texas law does not take the age of the documents or information in question into account. For example, even if a credit card slip improperly thrown into the trash shows the number of an expired card, the business could still be liable under the law. Some businesses sued by the Attorney General erroneously thought that by purging documents that were many years old there was no risk to consumers. But when those files were shown to reveal full Social Security numbers, which are assigned for the life, it is clear that even “old” files can create new harm. Likewise, expired credit cards are often reissued under the same number, but with a different expiration date that an identity thief can figure out quickly through trial and error.
Each business should develop a thorough list of all the types of information it handles, who handles it, where that information is maintained and how it is disposed of when it is no longer needed. There should be clear written protocols about how to properly handle that information and how to dispose of it, which could mean:
Shredding applicable paper documents Permanently deleting electronic files Properly destroying / wiping old computers and data storage devices
Businesses should be particularly careful when disposing of storage devices and old computers. Simply hitting the “delete” button seldom erases data from a disk or hard drive permanently – savvy identity thieves can easily retrieve that information. Businesses should rely on their internal computer experts or consult with an outside vendor to explain proper permanent deletion of electronic files. It might be necessary to ask the vendor to professionally “wipe” or remove and destroy a hard drive before getting rid of an old computer or server.
Similarly, businesses that obtain consumers’ personal information through Web sites, such as accepting credit cards to purchase goods and services, should be especially careful that those pages are properly safeguarded. Because of the constantly changing nature of the Internet and the tactics used by hackers, it’s a good idea for businesses to review and update security measures for their Web sites and internal systems on a regular basis.
Businesses should constantly remind their employees and new hires about proper handling of their customers’ personal information. For example:
Restaurant waitstaff should be instructed to keep their eyes on customers’ credit cards and related receipts at all times, and not let these linger on an unattended table or bar.
Employees working for businesses that send this type of data electronically to colleagues should be reminded to double-check recipient’s address before clicking “send” on an email, to make sure they are not unintentionally sending sensitive information to the wrong people.
The threat of identity theft should be particularly impressed upon employees who travel with laptops, ensuring that the computers and disks are secure at all times, and any theft or other suspected breach should be immediately reported to management.
All businesses handling hard copies with any information that could be useful to an identity thief should keep those discarded documents in a safe place and shred them before throwing them into a publically accessible dumpster.
If in doubt, shred it. It’s going into the trash anyway.
It is also a good idea to send periodic reminders to employees, such as through email, newsletters, and clearly displayed signs. For example, some businesses that faced legal action from the Attorney General for improper document disposal agreed to send protocol reminders to all employees by periodically including corresponding notes in their paychecks.
The scenarios through which consumers’ information could end up in the wrong hands are clearly limitless, and the above are simply some examples and common-sense suggestions. Each business should develop procedures according to their size and type of information handled, and update those protocols the moment they realize new ways in which their customer’s sensitive data could fall into the wrong hands. Employees should therefore be encouraged to immediately alert management whenever they come across a situation that could put this information at risk.
The Office of the Attorney General encourages all Texans, individual consumers and businesses alike, to contact us if they discover a business that is not taking proper care of their clients’ information by calling us at 1-800-252-8011.
June 1, 2008
Anything Houston, On-Site Shredding in the Press
No Comments
While our main focus is providing Shredding route service to clients, we offer one time clean outs, also known as “Purge” service. Purge service is for companies or individuals that have accumalated documents through the years and are at the end of their lifecycle. For guidelines on how long to retain your records, please click here “Record Retention Guidelines”. You should always consult with your legal council before shredding any documents. Most of our clients who request purge service have their records stored offsite at storage facilities. Though our trucks are over 35 feet in length, we have never come across a facility that can not accomadate us. To schedule a time for us to come out to your storage facility, please call On-Site Shred at 866-584-0670
May 29, 2008
On-Site Shredding in the Press
No Comments
The Woodlands, TX - Identity theft is a real and serious danger not only nationwide, but right here in our hometown. Most of us keep our garbage receptacles outside where they sit unlocked and accessible to criminals who wish to do us harm. The amount of information that can be obtained off junk mail is enough to do serious damage to our identities’. The amount of information that can be obtained off improperly disposed of financial documents can ruin a person’s life.
The Grogan’s Mill Village Association in conjunction with On-Site Shred will be providing an answer to combat identity theft. Starting June 7th, and continuing every Saturday thereafter, On-Site Shred will be placing a truck in the Grogan’s Mill shopping center from 9 am until 12 pm. Individuals can bring up to five boxes of documents to be destroyed. The price per box is $7.00 for a standard file box and $10.00 for a Banker’s box. This service is being provided to serve the public. Businesses wishing to destroy their documents are asked to please call On-Site Shred at 281-292-2280 and set a time for the truck to come to them. No need to remove paper clips, binder clips, staples, or rubber bands. Individuals are asked to remove documents from three ring binders and remove any plastic. All the shredding is done on-site allowing individuals to witness the destruction first-hand. 100% of the waste stream is recycled keeping The Woodlands clean and green! After you finish with your shred, stop by The Farmer’s Market for some great produce and specialty items, or visit the fine shops located in the shopping center.
May 27, 2008
On-Site Shredding in the Press, Shredder
No Comments
I see it and hear it every day, my shredder just went up in smoke! Many of the so-called industrial shredders don’t quite live up to their advertising. Shredders that cost upwards of five thousand dollars should have bullet proof warranties. But as many of our clients tell us, that is not the case. There are many advantages to using an on-site shredder. The first and foremost is no shredder equipment to maintain! Never again will you have to place a call to fix your shredder. Never again will you have to call a Tech out to clear a shredder jam. Nor will you have to worry about your shredder failing during a big purge. Shredders are designed to break.
Another advantage to using an on-site shredder is employee time. Using employee time efficiently is a must in today’s highly competitive society. Using a salaried employee as a shredder is probably not the most effective way that employee could be using their time. On the flip side you could stock pile your documents and have a low level employee be used as a shredder. Using a low level employee as a shredder probably isn’t the best idea either. Using this person as a shredder allows them access to the company’s most sensitive material. All you have to do is pick up a paper to read about a corporation facing criminal and civil lawsuits because some manager assigned the shredder duties to a low level employee who found it easier to deposit the records in the back dumpster.
Still another advantage of using an on-site shredder is security. A good shredder will destroy your documents on-site and issue you a certificate of destruction. Most metropolitan areas will have a few shredders to choose from. Choosing the right shredder is crucial. Choosing the wrong shredder could result in disaster. Always check to make sure the shredder belongs to a governing body like the National Association of Information Destruction. Also make sure the shredder is accountable within the community by being part of the Better Business Bureau. Make sure the Shredder is involved in the Chamber of Commerce, and make sure you ask the shredder for a list of references. If you follow these few guidelines, you will find a good shredder.
April 7, 2008
Anything Houston
No Comments
On-Site Shred will be helping out KATY ISD D.A.R.E program. The event will take place at Tradition Bank at 1515 South Grand Parkway, Katy, Texas 77494 from 9 am – 12 p.m. on April 19th. .All proceeds will benefit the Katy ISD D.A.R.E. program. Come out and shred for a cause!
April 1, 2008
Anything Texas
No Comments
Select Medical to face charges….
It looks like the Texas Attorney General has started 2008 the way he ended 2007; prosecuting companies who fail to protect consumer’s information. Select Medical is the latest company to feel the wrath of the Texas Attorney General’s office. Select Medical is being charged with violating the State’s Identity Theft Protection Act of 2005. Thousands of documents were allegedly improperly discarded last October in Levelland Texas. The police department in Levelland discovered the documents strewn in and about dumpsters on the premises; if found guilty, Select Medical will face millions in fines. I’m always surprised to find many business owners do not know that there are actual laws on the books as to how they must dispose of business records. The following is taken from the Texas Business & Commerce Code pertaining to the disposal of Business Records (Chapter 35 and Chapter 48).
CHAPTER 35
§ 35.48. RETENTION AND DISPOSAL OF BUSINESS RECORDS.
(a)In this section:
(1)”Business record” means letters, words, sounds, or
numbers, or the equivalent of letters, words, sounds, or numbers,
recorded in the operation of a business by:
- (A)handwriting;
- (B)typewriting;
- (C)printing;
- (D)photostat;
- (E)photograph;
- (F)magnetic impulse;
- (G)mechanical or electronic recording;
- (H)digitized optical image;or
- (I)another form of data compilation.
(1-a)”Personal identifying information” means an individual’s first name or initial and last name in combination with any one or more of the following items:
- (A)date of birth;
- (B)social security number or other government-issued identification number;
- (C)mother’s maiden name;
- (D)unique biometric data, including the individual’s fingerprint, voice print, and retina or iris image;
- (E)unique electronic identification number, address, or routing code;
- (F)telecommunication access device, including debit and credit card information; or
- (G)financial institution account number or any other financial information.
(2)”Reproduction” means a counterpart of an original business record produced by:
- (A)production from the same impression or the same matrix as the original;
- (B)photograph, including an enlargement or miniature;
- (C)mechanical or electronic rerecording;
- (D)chemical reproduction;
- (E)digitized optical image;or
- (F)another technique that accurately reproduces the original.
(3)”Telecommunication access device” has the meaning
assigned by Section 32.51, Penal Code.
- (b)A business record required to be kept by state law may be destroyed at any time after the third anniversary of the date the record was created unless a law or regulation applicable to the business record prescribes a different retention period or procedure for disposal.
- (c)A state law requiring retention of a business record is satisfied by retention of a reproduction of the business record.
- (d)When a business disposes of a business record that contains personal identifying information of a customer of the business, the business shall modify, by shredding, erasing, or other means, the personal identifying information to make it unreadable or undecipherable.
- (e)A business is considered to comply with Subsection (d) if the business contracts with a person engaged in the business of disposing of records for the modification of personal identifying information on behalf of the business in accordance with Subsection (d).
- (f)A business that does not dispose of a business record of a customer in the manner required by Subsection (d) is liable for a civil penalty of up to $500 for each record. The attorney general may bring an action against the business to:
- (1)recover the civil penalty;
- (2)obtain any other remedy, including injunctive relief; and
- (3)recover costs and reasonable attorney’s fees incurred in bringing the action.
- (g)A business that modifies a record as required by Subsection (d) in good faith is not liable for a civil penalty under Subsection (f) if the record is reconstructed, in whole or in part, through extraordinary means.
- (h)Subsection (d) does not require a business to modify a record if:
(1) the business is required to retain the record
under other law; or
(2) the record is historically significant and:
(A) there is no potential for identity theft or
fraud while the record is in the custody of the business; or
(B) the record is transferred to a professionally
managed historical repository.
(i) Subsection (d) does not apply to:
(1) a financial institution as defined by 15 U.S.C.
Section 6809; or
(2) a covered entity as defined by Section 601.001 or
602.001, Insurance Code.
Added by Acts 1989, 71st Leg., ch. 955, § 1, eff. June 15, 1989.
Renumbered from § 35.47 by Acts 1990, 71st Leg., 6th C.S., ch.
12, § 2(2), eff. Sept. 6, 1990.Amended by Acts 1991, 72nd Leg.,
ch. 472, § 1, eff. Aug. 26, 1991;Acts 1995, 74th Leg., ch. 735,
§ 3, eff. Sept. 1, 1995.
Amended by:
Acts 2005, 79th Leg., Ch. 935, § 1, eff. September 1, 2005.
Acts 2005, 79th Leg., Ch. 935, § 2, eff. September 1, 2005.
Acts 2005, 79th Leg., Ch. 935, § 3, eff. September 1, 2005.
Text of section effective until April 1, 2009
CHAPTER 48
48.102.BUSINESS DUTY TO PROTECT AND SAFEGUARD
SENSITIVE PERSONAL INFORMATION.(a)A business shall implement
and maintain reasonable procedures, including taking any
appropriate corrective action, to protect and safeguard from
unlawful use or disclosure any sensitive personal information
collected or maintained by the business in the regular course of
business.
(b)A business shall destroy or arrange for the destruction
of customer records containing sensitive personal information
within the business's custody or control that are not to be retained
by the business by:
(1)shredding;
(2)erasing; or
(3)otherwise modifying the sensitive personal
information in the records to make the information unreadable or
undecipherable through any means.
(c)This section does not apply to a financial institution
as defined by 15 U.S.C. Section 6809.
Added by Acts 2005, 79th Leg., Ch. 294, § 2, eff. September 1,
2005.
Text of section effective until April 1, 2009
Source - Texas Business & Commerce Code
Next Entries »
