1) Does your company ever need to discard the following types of paper or electronic records that could end up in the hands of your competitors? Price lists, customer lists, sales statistics, employee information, memos, account data, drafts of bids and correspondence, contract information, purchase orders, training information.

Yes
No

2) Do you periodically need to destroy credit reports, credit scores, credit card information, checks, employment records, insurance claim information, residential addresses and telephone numbers, medical records, dental records, payment histories, tax statements, or other types of financial, legal, medical or personal information?

Yes
No

3) Do you have policies and procedures in place to ensure that confidential information is properly destroyed so others can’t access it?

Yes
No

4) Are you aware of your company’s risk for criminal and/or civil prosecution due to inadequate data and confidential information disposal practices?

Yes
No

5) Has your company ever experienced a fraudulent incident as a result of improper disposal of confidential information?

Yes
No

6) Are you fully aware of your obligations under the Fair Credit Reporting Act (FACTA) to protect the consumer information you collect?

Yes
No

7) Are you aware of your responsibilities to help prevent identity theft under FACTA’s Red Flag Rule?

Yes
No

8) Does your company use a portable strip shredder to destroy confidential printed data?

Yes
No

9) Did you know that software exists to readily assemble strip shredded information?

Yes
No

10) Do you place unneeded confidential information (shredded or unshredded) in with other recyclable paper or trash for routine pick-up by your waste or recycling hauler?

Yes
No

11) Has your company taken steps to securely dispose of computer hard drives that may contain confidential data?

Yes
No

12) Are you aware of what types of businesses need to comply with the Health Insurance Portability and Accountability Act (HIPAA) regulations?

Yes
No

13) If your company is subject to HIPAA regulations, do you have appropriate procedures in place to avoid fines up to $1.5 million per violation for the improper destruction of paper and electronic data?

Yes or Not Applicable
No

14) If you are subject to HIPAA regulations, do you have a Business Associate (BA) Agreement signed with your service provider?

Yes or Not Applicable
No

15) Do you know precisely how your confidential information is disposed of after it’s picked up by a waste hauler or document shredding company and do you receive a Certificate of Destruction from the provider?

Yes
No

16) When disposing of confidential printed or hard drive data, does your company work with a document destruction company that is certified by the National Association for Information Destruction (NAID)?

Yes
No

17) Are the containers where you collect confidential information locked and protected from unauthorized access?

Yes
No