When Considering Data Security—Don’t Forget About Paper Documents
October is National Cybersecurity Awareness Month, which presents the perfect opportunity for organizations to consider how they keep their confidential information safe. Although taking a close look at electronic data security is important, companies should pursue a more all-encompassing strategy. In particular, they should include a review of physical security processes that safeguard paper documents and electronic devices housing protected information.
This recommendation is not only a best practice, but is backed by the results of our recent Shred-it solutions survey, conducted by the Ponemon Institute, that examines organizations’ policies regarding the protection of confidential workplace documents. According to the survey findings, 68 percent of respondents say their organization experienced a data breach in the past 12 months. Of those respondents, 69 percent say one or more of the breaches involved the loss or theft of either paper documents or electronic devices that contained sensitive and/or confidential information. Given these statistics, it is clear that organizations should include an examination of physical security procedures in their security assessments to ensure holistic risk mitigation that addresses all threats.
Healthcare Organizations Face Particularly Unique Challenges
While data security and data protection should be a concern for all organizations, several findings from our survey underscore the critical importance of using caution in the healthcare space, particularly with paper documents. Because healthcare organizations have to safeguard patient health information and avoid HIPAA (Health Insurance Portability and Accountability Act) violations, in addition to preserving the safety of confidential business, financial and operational documents, they can have more regulatory and security considerations than some other less regulated industries.
Despite the prevalence of electronic health records, most hospitals still use paper as well as electronic tools for patient care. Unfortunately, nearly 70% of healthcare managers surveyed are not confident that their organization is able to govern the use, protection and disposal of paper documents. In fact, 63% of healthcare managers are concerned that their employees or contractors have printed and left behind a document that could lead to a data breach, and 69% have picked up or seen a paper document in a public space that contained sensitive or confidential information. Without strong policies and procedures for using, protecting and disposing of paper documents, healthcare organizations can not only hurt themselves, but also cause harm to the patients they work hard to care for.
Critical insights drive continuous improvement
This survey with Ponemon, along with our proprietary annual Shred-it Data Protection survey helps us to better understand how companies—including healthcare organizations—manage data security and protect the confidentiality of electronic and paper documents. We use the valuable insights generated by these surveys to ensure our Shred-it solutions fully meet your needs. We are constantly evaluating our solutions suite, including paper shredding, hard drive destruction, staff education and workplace privacy policies, to make certain they effectively mitigate risk and help organizations remain secure and compliant. To learn more about how Stericycle’s comprehensive Shred-It solutions can help your company preserve information security, visit https://www.shredit.com