LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Use of dirty paper - Found word(s) list error in the Text body
From:	Tod Chernikoff <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Wed, 4 Nov 2009 11:14:13 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (118 lines)

Lauren:

Would the people using the "dirty paper" otherwise have access, as needed, 
to the information on the dirty side of the paper?  If so, that may be the 
pushback you get from management, or others in favor of the current state.

I still see many issues as identified by others on the list, inadvertent 
scanning of the dirty side, bleed through in scanning, generally bad 
business practice.

Tod Chernikoff, CRM

--------------------------------------------------
From: "Link, Gary M." <[log in to unmask]>
Sent: Wednesday, November 04, 2009 11:02
To: <[log in to unmask]>
Subject: Re: [RM] Use of dirty paper - Found word(s) list error in the Text 
body

Lauren,

There do exist laws that govern the security and/or disposal of personal 
information of other people. Here are some sections of an outline of a talk 
I recently gave on the subject:

* HIPAA:

45 CFR 160.103  "Business Associate" - "Provides, other than in the capacity 
of a member of the workforce of such covered entity, legal, actuarial, 
accounting, consulting, data aggregation (as defined in §164.501 of this 
subchapter), management, administrative, accreditation, or financial 
services to or for such covered entity, or to or for an organized health 
care arrangement in which the covered entity participates, where the 
provision of the service involves the disclosure of individually 
identifiable health information from such covered entity or arrangement, or 
from another business associate of such covered entity or arrangement, to 
the person."

* FACTA:

"Any person who maintains or otherwise possesses consumer information for a 
business purpose must properly dispose of such information by taking 
reasonable measures to protect against unauthorized access to or use of the 
information in connection with its disposal."

Consumer information -- means any record about an individual, whether in 
paper, electronic, or other form, that is a consumer report or is derived 
from a consumer report. Consumer information also means a compilation of 
such records. Consumer information does not include information that does 
not identify individuals, such as aggregate information or blind data.

FACTA is codified into 16 CFR 682

* Gramm-Leach-Bliley Act:

Applies to financial institutions. Purpose is to protect customer 
information. It is codified into 16 CFR 314 Standards for Safeguarding 
Customer Information.

16 CFR 314.2(d) Service Provider - "any person or entity that receives, 
maintains, processes, or otherwise is permitted access to customer 
information through its provision of services directly to a financial 
institution that is subject to this part."

16 CFR 682.3(b)(5) - says any institution subject to G-L-B Act must 
incorporate the information destruction standards of FACTA

You should alert your management to the existence of these laws when you 
discuss re-using paper with other peoples' information on it.

Gary Link, CRM
Pittsburgh, PA

-----Original Message-----
From: Lauren K. Glaettli [mailto:[log in to unmask]]
Sent: Wednesday, November 04, 2009 10:41 AM
To: [log in to unmask]
Subject: Re: [RM] Use of dirty paper - Found word(s) list error in the Text 
body

I apologize for not defining my terminology.  By dirty paper I mean paper 
that has been printed on one side and then that information was deemed no 
longer needed.  Then the paper is turned over and used again.  Many times 
this leads to one piece of paper that includes information for two different 
clients and since we work with employee benefit plans both sides of the 
paper have SSNs for two different clients.

And to answer John - Yes, there have been instances that when scanned the 
backside has either inadvertently been scanned or it has bled through.

I have tried many times to get our employees to stop using dirty paper and I 
have a feeling that the only way I'm going to get this to happen is if I can 
quote legal "stuff" to our owner.

On Wed, Nov 4, 2009 at 10:10 AM, John Annunziello
<[log in to unmask]>wrote:

Hi Lauren....

Not certain what you mean by "dirty paper"?

If you are re-using the backside, the only issue would be that when scanned, 
the image from the back may transfer through to the front.  Also, if the 
paper is sent out to an outside agency, there may be critical information 
you might not want them to see.  As well, it is not very professional 
looking.  We save single used side paper and make internal pads of them.

John Annunziello, ermm
Manager, Records and Information
Toronto and Region Conservation Authority
[log in to unmask]
"Information is a corporate, strategic asset that needs to be managed" 

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US