So you’ve taken the precautions to ensure your company’s compliant, but how are your partners protecting data? A USA Today survey of 40 banks found:
* Fewer than half of the banks surveyed said they conduct any on-site assessments of third-party vendors.
* Roughly one in five banks don’t conduct on-site assessments of the service providers.
* One-third of the institutions surveyed don’t require third-party vendors to mandate similar cyber security requirements on their own subcontractors.
Information destruction is required by several federal and state laws, including: Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley, Fair and Accurate Credit Transactions Act (FACTA), Vermont’s Protection of Personal Information Law and others. So while your company may be compliant, how do you ensure your partners are?
Relationship Risk – What is your 3rd party vendor doing for you? Exactly how are they protecting your most important asset – your data?
Business Profile Risk – Who are you doing business with? What is their financial strength, breach history or any indication of security lapses.
How are they protecting information? – If you’re looking for a 3rd party to shred, are they NAID certified? SecurShred is the first Vermont-based company AAA NAID certified for mobile and plant-based destruction of paper documents and hard drives.
End-to-End Security – Is your shredding company providing locked recycle bins? Are their security professionals bonded to remove your information and dispose of it properly and securely?
Certificate of Destruction – Having the peace of mind that comes with a company backing up their shredding and hard drive destruction with a certificate helps you in the wake of a security breach.
Make an appointment and we’ll be happy to ensure not only your company has the best systems in place for information destruction, but you have a 3rd party partner with the highest level of compliance in the industry.