News

5 Tips for Choosing a Data Services Provider

July 17, 2019

Businesses that value privacy protection grow and thrive. But it takes a team effort, which is why choosing a reputable and dependable data services provider is the key to success. In this blog, we offer several tips for making the right choice.

1. Understand Your Data Privacy Requirements

Every company has different data storage and data privacy requirements. You can’t choose a data services provider without knowing yours. Be aware of the personal information your company stores. Understand how you use the data collected from your customers and who has access to it. And don’t forget to know the privacy laws that affect your organization.

2. Plan for Worst-Case Scenarios

No business is immune to data privacy threats. The right data services provider reduces your breach exposure and minimizes the damage if your organization is attacked. Look for a provider who assesses your risk profile and offers a breach reporting solution.

3. Consider Your Final Disposition Needs

When your media reaches the end of its useful life, it should be destroyed. Look for a data services provider who protects your media during its retention lifespan and destroys it when a final disposition date is reached.

4. Check the Quality of Your Provider’s Facility

Digital storage media, such as backup tapes and hard drives, is sensitive. Excessive heat/cold, moisture/dryness, dust, dirt, and mishandling can damage your data. Make sure your data service provider’s storage facility is climate controlled and secure. It should have 24/7 surveillance technology with monitoring and built-in fire and smoke protection systems. Every person handling and transporting your data should be background-checked, professionally-trained, and required to sign a confidentiality agreement.

5. Think Local

There are many benefits to partnering with an independent, locally-owned data services provider. First, you receive personalized attention since they can offer security solutions tailored to your business. You receive prompt and dependable service and exceptional customer care. Second, a locally-owned data services provider adapts to your needs better than their national and global counterparts. Instead of making you fit their service, they build customized and scalable solutions tailored to your needs. Third, choosing a local provider strengthens your community’s economic base. They invest the dollars you spend with them back into your community.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington, and Northern Idaho. For more information about professional records management, please contact us by phone or complete the form on this page.

Current and Future Privacy Laws That May Affect Your Business

June 20, 2019

As corporate data breaches spiral out of control, consumers are demanding stricter protection standards for their personal, financial, and medical information. This presents a challenge for businesses. Keeping up with an alphabet soup of privacy regulations isn’t easy. In this blog, we highlight several common privacy laws and outline your obligations for meeting each of their requirements.

FACTA

The Fair and Accurate Credit Transaction Act (FACTA) applies to financial institutions and their obligation to protect personally identifiable information (PII). FACTA’s Disposal Rule requires proper disposal of information to protect against “unauthorized access to or use of the information.” Under FACTA’s Red Flags Rule, financial institutions must create and implement a written Identity Theft Prevention Program to help detect and prevent identity theft. Failure to comply with FACTA can lead to fines of up to $1,000 per individual violation, even if a consumer did not suffer damages from identity theft. Since most businesses collect some form of sensitive financial information, such as credit applications, it’s important to maintain a strict chain of custody during the retention lifecycle, including final disposition. Partnering with a records services company significantly reduces your risk of FACTA non-compliance and the associated penalties.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) affects any organization collecting protected health information (PHI). The US Department of Health and Human Services’ Office for Civil Rights (OCR) oversees enforcement of HIPAA, levying fines against organizations that fail to comply with its medical privacy requirements. HIPAA’s Privacy Rule and Security Rule requires covered entities and business associates to implement physical, administrative, and technical safeguards for PHI, including secure destruction of expired medical records. Keep in mind, primary care providers, hospitals and or other healthcare related organizations aren’t the only entities affected by HIPAA requirements; any business providing services to healthcare organizations must abide by HIPAA rules.

GLBA

The Gramm-Leach-Bliley Act (GLBA) is a consumer protection law requiring companies to protect consumer financial data collected from their customers. GLBA’s Financial Privacy Rule requires businesses to maintain a written privacy policy explaining:

  • Data collection purposes
  • Data sharing standards and procedures
  • Data protection and privacy practices

For help drafting a privacy policy, consult with a lawyer or a qualified records management provider.

CCPA

The California Consumer Privacy Act (CCPA) was passed in 2018 and is scheduled to go into effect in 2020. CCPA is poised to become the nation’s strictest privacy law, requiring companies to be transparent about what consumer data they collect and how they use it. CCPA won’t only apply to California-based businesses. Any organization collecting large amounts of data from California residents will be affected by the law. In the meantime, several other states are considering laws similar in scope to CCPA. In fact, Washington state senators recently passed Senate Bill 5376, which gives consumers greater rights and controls over data collected from businesses. Partnering with a records management vendor who offers breach readiness and reporting services can help your business comply with CCPA, Senate Bill 5376, and other current and future privacy regulations.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington, and Northern Idaho. For more information about professional records management, please contact us by phone or complete the form on this page.

The Risks of Storing Documents In-House

May 15, 2019

Risk assessment, decision to accept business result in uncertainty, unpredictable situation concept, cube wooden block with alphabet building the word RISK.Businesses rely on paper records to support their administrative needs and legal requirements. Many organizations store them wherever they can find space, including boxes, closets, shelves, drawers, file cabinets, etc. But these storage options come with a host of problems. In this blog, we discuss the risks of storing documents in-house.

Security

If you’re not careful, paper documents can fall into the wrong hands. A thief breaking into your office isn’t the only risk. Insider theft of hard copy records is one of the leading causes of physical security breaches. The best way to prevent external and internal security threats to paper documents is with a secure, offsite storage solution.

A records storage service offers unrivaled protection and preservation for both active and archival business records. Your documents are stored in a records center equipped with advanced surveillance technology. Background-screened and uniformed records management professionals follow a strict chain of custody when managing your documents. An advanced barcode system tracks your records inventory throughout the retention lifecycle. Your documents are picked up and delivered with GPS-tracked, alarmed, auto-locking vehicles.

Disaster Exposure

Paper documents are susceptible to damage from water, fire, and natural disasters. In-house storage increases exposure to these risks. Companies often store archival record inventories in flood-prone areas, under sprinklers, or near electrical outlets and equipment. A records center is built with concrete floors, walls and ceilings able to withstand extreme weather and natural disasters. Flammable materials are prohibited in a records center, and your documents are stored on specialized racking systems designed for their long-term preservation.

Non-Compliance

The following regulations determine document storage requirements for businesses:

  • Sarbanes-Oxley (SOX)
  • The Fair and Accurate Credit Transaction Act (FACTA)
  • Gramm-Leach-Bliley Act (GLBA)
  • The Health Insurance Portability and Accountability Act (HIPAA)

Without an in-house compliance expert, your company risks non-compliance penalties and fines. Partnering with a records storage provider helps you navigate a complex regulatory landscape and comply with state and federal laws.

Increased Overhead Costs

Rising office lease rates and labor costs make in-house document storage expenses unsustainable. Fortunately, your documents can be stored and professionally managed far more cost-effectively in a records center. For a flat fee, you receive a comprehensive document storage and records management solution.

Lost Productivity

In-house document storage often leads to file mismanagement. Most small businesses don’t have the budget to invest in an expensive document management system. A records management provider keeps your documents organized and accessible. Your retention data is added to a records management database, and an integrated web-based application offers authorized end users 24/7 online access to records with the ability to schedule pickups and deliveries of documents any time.

If you’re storing your documents in-house, consider outsourcing your storage to qualified professionals.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington and Northern Idaho. For more information about professional records management, please contact us by phone or complete the form on this page.

What Your Employees Need to Know about Data Privacy

April 16, 2019

professional pretty female office worker wearing headset talking with customer and typing data into online system to solve cyber security problem.What do your employees understand about data privacy? Are they putting your customers, vendors or even themselves at risk? In this blog, we discuss key data privacy factors your employees need to know.

Data Privacy Is the Law

Several federal well-known federal laws mandate how companies must store, send, and dispose of personally identifiable information (PII) and protected health information (PHI), including:

  • HIPAA
  • FACTA
  • FERPA
  • GLBA

Failure to comply with these regulations may result in fines and/or penalties, so your employees need to the know the requirements of each law that applies to your organization. Regular training sessions can help your staff stay abreast of privacy compliance regulations.

Data Stored on Electronic Devices is Vulnerable

Data stolen from corporate hard drives, tapes, laptops, and mobile devices fetches top dollar on the black market. As a result, it’s important for employees to maintain a chain of custody for devices issued to them and understand the ramifications if those devices leave their possession. Outdated or unusable devices should never be thrown in the trash or recycled without physical destruction. A media destruction service allows for secure data disposal across your organization. Your unwanted digital devices are professionally destroyed, and you receive a Certificate of Destruction.

Passwords Can Be Broken

Weak password security still poses big problems for small businesses. Easy-to-remember passwords are the most vulnerable to hacking, so your employees should use passwords that combine letters, numbers, and non-alphanumeric characters. A password management application can generate strong, encrypted passwords that are impossible to crack.

Communication is Key

Solid communication is the cornerstone to an effective data privacy plan. As an employer, you’re responsible for talking to your employees about data privacy risks. In turn, your employees are responsible for promptly reporting suspicious emails, links, and attachments to their supervisor. The longer your people take to report threats, the greater the potential for widespread damage.

Nothing Posted on Social Media Is Private

Your employees should use discretion when posting to personal and corporate social media platforms. Every Twitter, Facebook, Instagram, and most other social media posts are discoverable. Cybercriminals scour personal and corporate social media posts for morsels of published information that disclose confidential or proprietary information that can be used for social engineering attacks. Having a social media policy can help define security standards and codes of conduct that reduce privacy risks from expanding to full blown attacks.

For more data protection tips, please contact us by phone or complete the form on this page.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington and Northern Idaho.

5 Document Disposal Mistakes to Avoid

March 7, 2019

Avoid Mistake words in 3d letters and a green arrow over the word to illustrate preventing a problem, error, difficulty or inaccuracyAs a business owner, privacy protection falls squarely on your shoulders. If sensitive information is stolen and compromised on your watch, you and your company can face serious legal and financial repercussions. Here are five document disposal mistakes you should avoid at all costs:

1. Ignoring Final Disposition Dates

Keeping documents longer than necessary is a mistake, but so is getting rid of them too soon. Always verify a document’s retention timeframe before disposing of it. If your organization doesn’t have a formal records retention policy, seek the services of an attorney, accountant, or certified records management professional.

2. Using Office Shredders

You can toss a document into a trash can faster than you can shred it. Office shredders are slow and prone to paper jams.If you want to minimize privacy breach risks in your business, document disposal must be quick, easy, and secure.

A paper shredding service makes it easy for your employees to discard confidential documents. Secure collection containers are delivered to your office free of charge. A variety of styles and sizes are offered to match your office décor and document disposal volume. No matter which size or style you choose, collection containers allow your employees to discard sensitive documents securely and without having to remove staples, sticky notes, and paperclips.

3. Recycling without Shredding

Never discard documents with personally identifiable information (PII) in a recycling bin. Helping the planet is important, but so is protecting customer and employee privacy. A shredding service offers a solution for destroying paper documents and recycling shredded waste.

4. Ignoring Privacy Law Requirements

Several federal laws mandate how companies must dispose of confidential patient, client, and employee information, including:

  • HIPAA
  • FACTA
  • FERPA
  • GLBA

Failure to comply with these regulations may result in fines and/or penalties. Know each law’s requirement about the disposal of PII and protected health information (PHI).

5. Not Partnering with a NAID AAA Certified Shredding Company

Anyone can buy a shred truck and shred documents, but not every shredding provider is NAID AAA Certified. NAID stands for the National Association of Information Destruction, the non-profit, standards-setting authority for the information destruction industry. A NAID AAA Certified paper shredding company must meet the highest industry standards for the destruction of paper records. In order to achieve NAID AAA Certification, a shredding company must pass unannounced, ongoing audits that assess many aspects of their operation, including:

  • Employee screening processes
  • Insurance requirements
  • Written security policies and procedures
  • Certified proof of shredding processes

Partner with a NAID AAA Certified shredding company to make sure you documents are collected, handled, and destroyed with unparalleled security and ethics.

DeVries Business Services proudly provides NAID AAA Certified paper shredding services and information management services to businesses in Spokane, Eastern Washington and Northern Idaho.

5 Tips for Choosing a Scanning Service Provider

February 14, 2019

The phrase Five Things You Should Know written in white chalk on a blackboard as a reminder to prepare and set prioritiesAre you considering going paperless? Choosing a scanning services provider can be stressful. Not every scanning company meets the criteria you deserve. In this blog, we offer five helpful tips for choosing a scanning services provider.

1. Verify Experience and Ability

Document scanning requires more than technology; experience and ability are just as important. You don’t want a fly-by-night company handling your sensitive documents. Look for a reputable provider who has long-term experience serving businesses in your community.

2. Demand Security

Your information deserves a strict chain of custody to keep it secure. Only well-trained, background-checked, uniformed and badged professionals should handle, transport and scan your documents. The scanning facility should be equipped with state-of-the-art surveillance systems and secure loading and unloading areas that allow for discreet delivery of documents to and from the scanning facility. If you visit the scanning facility, you should be required to show identification and sign a confidentiality agreement before being permitted escorted access.

3. Make Sure Prep is Included

If your paper records aren’t properly prepared and organized, they can’t be scanned. Staples and paperclips must be removed from documents. Torn and dog-eared pages need to be repaired. Multi-page files must be placed in the proper order. Although time consuming and laborious, these steps are necessary for accurately converting your hard copy records to digital files.

Make sure your scanning provider can handle this process so you can focus on other important tasks. Besides making sure your documents can be scanned, scanning technicians also create a verifiable record of which box each individual page came from and bar code each file so it can be linked to a digital database.

4. Ask for References

If you’re considering a scanning solution for your accounting firm, you need a provider who has a proven track record of working with other accounting firms. That’s why it important to talk to a prospective provider’s clients. Use your network to find out if other local businesses have used their services. Don’t be reluctant to ask for references.

5. Ensure a Post-Scanning Solution

You may need your original paper records destroyed or stored after the scanning project is completed. Verify whether your scanning service provider offers records storage or NAID AAA Certified paper shredding. That way, you can achieve an end-to-end, single-source solution for your information.

For more tips on choosing a scanning services provider, please call us or complete the form on this page.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington and Northern Idaho.

5 Important Questions to Ask a Records Storage Provider

January 16, 2019

wooden-question-marksIn today’s fast-paced and competitive business environment, it’s important to have the right information at the right time. A records storage service offers a cost-effective and secure solution for ensuring seamless access to—and protection for—your documents. But not all records storage providers are equal, especially when it comes to security, expertise and professionalism. So, when selecting a records storage provider, we suggest that you ask the following five questions:

1. How long have you been in business?

You don’t want a fly-by-night company handling your sensitive files and documents; you want a provider with longstanding experience serving companies like yours. Find out when your records storage provider opened its doors, ask them to provide client references, and contact those references.

2. Are you locally owned?

When you buy from an independent, locally-owned business rather than a national or regional business, significantly more of your money stays in the community and is used to make purchases from other local businesses and service providers. Partnering with a locally-owned records storage provider strengthens the economic base of your community.

3. How are my documents protected?

Identity theft and business fraud are big problems, and paper documents are just as susceptible as electronic data. It’s important to verify where and how your documents will be stored. A records center should be solidly constructed with concrete floors, walls and ceilings, and able to withstand extreme weather and natural disasters. Only background-screened and uniformed records management professionals should be allowed inside. Verify whether your provider’s record center is protected with the following equipment:

  • Climate control systems
  • Fire detection and prevention technology
  • Security cameras

Your records should be picked up and delivered using strict chain of custody procedures, in GPS-tracked, alarmed and auto-locking vehicles.

4. How are my records tracked?

You deserve to know what you’re storing with your records storage provider, how much space you’re using, and when your documents are scheduled for destruction. Only partner with a records storage company that uses cutting-edge records technology to track and manage your documents and support your information management needs.

5. When can I access my storage inventory?

Storing your documents off-site doesn’t mean you have to give up easy access to them. You should be able to request your documents 24/7/365 through a secure online portal and have them hand delivered to your office or sent electronically by Scan on Demand that same day.

A records storage service can save your business time and money. To choose the right provider, ask the five crucial questions we’ve shared here. DeVries Business Services proudly serves businesses in Spokane, Eastern Washington, and Northern Idaho.

Security Tips for National Identity Theft Prevention and Awareness Month

December 11, 2018

The holiday season is in full swing, which means more purchases for consumers and more sales for retailers. It’s also the time of year when small businesses and shoppers are most at risk of identity theft and fraud, so it’s no surprise December is National Identity Theft Prevention and Awareness Month. Here are our tips to help you keep your business and personal information safe.

Assess Your Risk Exposure

According to data security experts, every business will be breached eventually. Your risk exposure is especially high during the holiday season, so you have to be proactive. A breach reporting and readiness service can help you assess and reduce the risk of data breaches. Data protection experts monitor and audit data breach threats for you, train your staff on privacy protection practices, and implement breach notification protocols for your company.

Update and Backup

As the volume of transactions increases during the holiday season, protecting customer data becomes more difficult. Unpatched systems and computers offer a gateway to hackers and cybercriminals. As a result, it’s important to stay on top of updates and check for holes in your network. Install software security patches as soon as they’re released, make regular backups of your data, and invest in an offsite tape/media storage solution.

Destroy Your Paper Documents

In a world where cybercrimes are prevalent, ignoring low-tech information security threats is common. But thieves still rummage through residential trash bins and corporate dumpsters looking for carelessly-discarded confidential documents. Always shred the following records when they’ve reached the end of their retention period:

Partner with a NAID AAA Certified shredding company to make sure these documents are destroyed securely and efficiently. Your shredding partner can implement a scheduled shredding solution at work and a residential shredding solution at home to prevent your personal, medical and financial data from being compromised.

Educate Your Customers

Phishing scams are everywhere during the holiday season. A cybercriminal could pose as a representative of your company to send an unsuspecting customer a malicious link. Now is the time to remind your clients you will never ask for passwords or other sensitive information via email, phone or text. Always use caution and check with the source before taking any action.

Whether you’re a consumer or business owner, don’t let identity theft ruin your holiday cheer.

For more identity theft and business fraud prevention tips, please contact us by phone or complete the form on this page.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington, and Northern Idaho.

5 Questions to Ask a Data Services Provider

November 15, 2018

businessman thinking with question marks written on adhesive notes stuck to a brick wallPart of running a successful business is making sure your information and the medium it’s stored on is secure. So, finding a dependable data services provider is a must. In this blog, we offer five critical questions to ask a data services provider.


1. Is my media stored in a climate-controlled facility?

Excessive heat/cold, moisture/dryness, dust and dirt particles can damage or destroy your storage media. The key to preserving your media—and ultimately, your data—is to store and transport it in optimal atmospheric conditions. Choose a data service provider with a climate-controlled media storage facility and a transport process designed to safeguard your data from physical damage as well as theft.

2. Who has access to my critical data?

Stringent security standards should be applied to protect your data from unauthorized access. Assess your data service provider’s employee screening practices. Each person handling and transporting your data should be background checked, professionally trained, and required to sign a confidentiality agreement.

3. How do you manage my media?

Some data service providers only store your media, which means its management falls squarely on your shoulders. That’s a time-consuming and delicate responsibility. If you want to a comprehensive data protection and media management solution, ask whether your prospective provider offers the following value-added services:

  • Tracking of your storage media’s use and performance over time
  • Systematically adding new media and retiring old media
  • Assessing the condition of your critical data

4. Do you offer media destruction services?

When your media reaches the end of its useful life, it should be destroyed. Partner with a data services provider who can protect your media during retention and destroy it properly when it reaches it a final disposition date.

5. Can you help me with other privacy services?

Not every data service provider can help your business reduce the risk of a data breach, and even fewer can help your business in the event of an actual or suspected breach. You want a data service provider that reduces your risk and in case a breach does happen, takes the hassle out of reporting the loss of personally identifiable information (PII) to an ever-increasing number of authorities. If you want to reduce your breach exposure and comply with state and federal privacy regulations, select a data service provider who assesses your risk profile and provides the resources your organization needs to stay compliant.

For more tips on choosing a trustworthy data services provider, please contact us by phone or complete the form on this page.

DeVries Business Services proudly serves businesses in Spokane, Eastern Washington, and Northern Idaho.

PRISM Privacy+ Certification: Why It’s Important

October 19, 2018

Choosing a records management provider isn’t easy. You need security, dependability, and experience. Sometimes, the choice between two qualified records management companies comes down to one deciding factor: Privacy+ Certification In this blog, we highlight several ways working with a Privacy+ Certification records management provider benefits your business.

What is Privacy+ Certification?

Privacy+ Certification is administered by Professional Records and Information Services Management (PRISM) International, a trade association for commercial information management companies. PRISM awards Privacy+ Certification only to companies that meet or exceed the highest standards for information protection. A third-party auditor assesses Privacy+ Certified companies internal privacy controls every two years to verify ongoing compliance with PRISM’s Privacy+ Certification program.

Businessman use Laptop with interface of padlock and cloud computing technology, Cyber Security Data Protection Business Technology Privacy concept, Internet Concept of global business.Oversight and Accountability

Records management providers are supposed to help businesses protect confidential records and data, but not all records management companies have the organizational processes, structure, and capability to ensure information protection. Privacy+ Certification is awarded to records management providers who follow organizational structures with clearly-defined employee roles and responsibilities. They must demonstrate strong managerial oversight of their staff to ensure information management and privacy protection measures are verifiable and measurable. This ensures their clients’ records and data are handled, transported, stored, and destroyed securely.

Security

Big and small businesses are increasingly under threat from identity theft and fraud scams. When you entrust your records to a third party, you need unwavering assurance that the confidentiality of your information is upheld. By partnering with a Privacy+ Certified records management company, you know your information is protected from unauthorized access. A Privacy+ Certified records management provider invests in people, places, and systems that safeguard your records, including:

  • Secure records centers
  • GPS-tracked and alarmed delivery vehicles
  • Background-checked, HIPAA compliance-trained employees
  • Documented chain of custody procedures
  • Advanced document management and barcode tracking software

Each of these “controls” is audited by an independent third party as part of an overall risk management assessment.

Regulatory Compliance

If your company must comply with global privacy regulations, you want a records management provider who does, too. A Privacy+ Certified records management company complies with the following global regulations:

If you want a records management provider who doesn’t just store barcoded boxes on shelves but is globally recognized for meeting a higher standard, choose a Privacy+ Certified records management company.

DeVries Business Services is the first records management firm in Washington state to be awarded PRISM Privacy+ Certification.

We proudly serve businesses in Spokane, Eastern Washington and Northern Idaho.

Info or Quote Request

  • This field is for validation purposes and should be left unchanged.
Quick Contact Info
Business Hours
Helpful Links
Proudly Associated With
Quick Contact Info
601 E. Pacific Ave,
Spokane, WA 99202
Washington: (509) 838.1044
Idaho: (208) 765.4397
Toll Free: 1.866.433.4691
Business Hours

Office Hours:
M-F 7:30am-4:30pm

Drop Off Shredding Hours:
M-F 8:00am-4:00pm

Proudly Associated With