Press release
Recycling Poses Information Security Risk
In an ideal world, recycling IT assets or sensitive documents would not pose a security threat. Unfortunately, as a Toronto Health Clinic recently learned, the world is far from ideal. In a widely publicized incident, the clinic’s private health records were literally blowing in the wind on a downtown Toronto street being used for a movie set. The clinic’s paper-disposal provider, which offers both shredding and recycling services, mistakenly believed these documents were to be recycled. The company subcontracted the paper to another recycling company, which in turn sold it to the film production company.“Recycling has merit – but it does not necessarily provide security,” says dataXile principal Joseph Bozic. Mr. Bozic, whose company provides secure data disposal for IT equipment, adds, “Similar breaches could occur with electronic data stored on IT assets. While there are numerous recyclers in the market interested in recovering value from discarded computer equipment, few of these companies are concerned with the secure destruction of the information stored on that equipment.”
As the Toronto health clinic and its paper disposal provider discovered, this is bad for business in more ways than one. Upon investigation, both organizations were deemed to have violated Ontario’s Personal Health Information Protection Act (PHIPA), prompting Ontario Privacy Commissioner Dr. Ann Cavoukian to issue the first order under the new law.
Mr. Bozic commented, “The incident is disappointing, but sadly it doesn’t really surprise me. It is becoming increasingly important for both firms and service providers to ensure they have done their due diligence. Whether service providers are destroying paper documents or electronic ones, questions need to be asked and answered. Issues like collection, process, and the use of any subcontractors and their practices must be addressed. If you do not feel comfortable with the answers, keep shopping until you feel confident in your provider.”
Despite being the first two companies to face an order under PHIPA, Mr. Bozic feels they were fortunate. “Neither the clinic nor the paper disposal company were publicly identified. Future violators may not be as fortunate and many organizations would find that kind of publicity especially devastating.”
About dataXile Corporation:
Toronto-based dataXile Corporation is an information security company specializing in secure electronic data disposal. The company understands the risks and challenges associated with secure electronic information destruction and is committed to eliminating them.
For more information contact:
Joseph Bozic, Principal
dataXile Corporation
416-657-8877
www.dataXile.com
information@dataXile.com
This release was published on openPR.
Permanent link to this press release:
Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Recycling Poses Information Security Risk here
News-ID: 3373 • Views: …
More Releases from dataXile Corporation
Hard Drive Destruction Gaffe Easily Avoided
Toronto, ON (July 17, 2006) -- Hank Gerbus of Cincinnati made several requests of a leading electronics retailer to destroy personal information stored on the malfunctioning hard drive he was returning. Regrettably, the popular North American retailer failed to do this. Even worse, after assurances from the retailer that the hard drive would be destroyed, it was actually resold with all of the data still intact. The individual who eventually…
dataXile Executive to Introduce Ontario Privacy Commissioner at Toronto NAID Con …
dataXile Corporation announced today that company president Joseph Bozic will introduce Ontario Information and Privacy Commissioner Dr. Ann Cavoukian at the NAID Information Protection and Destruction Conference on March 8, 2006. NAID, which stands for National Association for Information Destruction, is focusing the event on Risk Management and Compliance Fundamentals. Dr. Cavoukian is the keynote speaker for the conference being held at the Mariott Bloor Yorkville hotel in Toronto. In…
Electronic Data Destruction Poised for Growth
Paper shredding is an established business service but it is not a complete information destruction solution. Organizations would be wise to remember this, especially with legislation governing privacy and data protection more stringent than ever. Countless IT assets in virtually every company in every industry store massive volumes of data. Securely destroying this information takes significant resources. For these reasons, many observers believe electronic information destruction is poised for growth.…
More Releases for Bozic
Hard Drive Destruction Gaffe Easily Avoided
Toronto, ON (July 17, 2006) -- Hank Gerbus of Cincinnati made several requests of a leading electronics retailer to destroy personal information stored on the malfunctioning hard drive he was returning. Regrettably, the popular North American retailer failed to do this. Even worse, after assurances from the retailer that the hard drive would be destroyed, it was actually resold with all of the data still intact. The individual who eventually…
dataXile Executive to Introduce Ontario Privacy Commissioner at Toronto NAID Con …
dataXile Corporation announced today that company president Joseph Bozic will introduce Ontario Information and Privacy Commissioner Dr. Ann Cavoukian at the NAID Information Protection and Destruction Conference on March 8, 2006. NAID, which stands for National Association for Information Destruction, is focusing the event on Risk Management and Compliance Fundamentals. Dr. Cavoukian is the keynote speaker for the conference being held at the Mariott Bloor Yorkville hotel in Toronto. In…
Electronic Data Destruction Poised for Growth
Paper shredding is an established business service but it is not a complete information destruction solution. Organizations would be wise to remember this, especially with legislation governing privacy and data protection more stringent than ever. Countless IT assets in virtually every company in every industry store massive volumes of data. Securely destroying this information takes significant resources. For these reasons, many observers believe electronic information destruction is poised for growth.…
