Richards & Richards Blog

Records Management Resolutions for the New Year

Resolutions aren’t just for individuals; businesses also benefit from the opportunity to reassess and reprioritize. Evaluating and revising your records management processes is one of the most impactful things you can do for your organization. In the spirit of the “resolution season,” we’ve outlined a few simple steps that can improve business productivity, strengthen privacy protection, and ensure regulatory compliance.

Verify that information is properly classified

A strong records management program ensures that hardcopy and electronic files are properly categorized, and also provides retention schedules to be consistently followed and updated as necessary. This requires input and oversight from each department or division within your organization, since each may have different compliance requirements. Verify that retention periods are correctly applied and consistent with your legal obligations. If you find that your current filing system is out of control and are unable to easily find documents, engage a records management provider who can implement an indexing and verification solution which includes properly labeling, inventory management, and indexing of your records.

Organize and de-clutter paper files

The better your records are organized, the more easily you’ll be able to find the information you need. A filing system needs to be properly labeled to facilitate expedient retrieval, but also needs should protect sensitive information from unauthorized access. Organizing your records according to activity levels can streamline your filing system by enabling inactive and archival records to be sent offsite for storage while affording you more space to store documents integral to your daily business processes. Areas allocated within your office to store active physical files should be locked at all times with continuously monitored access.

Any files that have exceeded retention requirements should be securely disposed of. Prior to your organization and de-cluttering process, engage a paper shredding provider to place secure shred collection receptacles within your office. Doing so will enable sensitive documents to be securely collected and thoroughly destroyed in an expedient manner.

Prioritize disaster recovery

No company is immune to loss of information from a catastrophic event. Disasters strike without warning and with varying degrees of impact to your organization. Properly protecting your vital business information minimizes downtime and increases the chances your company can resume its operation.

Mission-critical documents and files should be stored in a facility that minimizes the risks to paper documents and enables them to be retrieved and delivered at a moment’s notice in support of your disaster recovery requirements. Digital records on storage media should similarly be protected, although in a vault environment that fosters optimal protection and preservation of electronic media.

Records management is an ongoing process, so even if you’ve met or exceeded your resolution, make sure you can sustain it throughout 2015 and beyond. Revisit your program on a regular basis in order to verify it is being followed by your staff. Gather input from key stakeholders to assess effectiveness and revise procedures as necessary.

Richards & Richards provides records management solutions to business throughout Nashville. For more information please contact us by phone or complete the form on this page.

Protecting and Preserving Your Digital Data

The various media your data is saved on may be the most important devices in your organization. If a file is accidentally deleted or your server suddenly crashes, lost data can quickly be restored from a tape, CD, DVD or hard drive; these effectively serve as a life preserver for your business. Unfortunately, they’re also extremely fragile: over time, any media deteriorates which also leads to data loss. Putting your media on a shelf or in a box tucked away in the corner of your office won’t protect them for very long—in fact, it exposes them to even more risk. Preserving your digital data requires taking an active role in your company’s backup strategy.

Wait…what happened to my data?

You’ve been there at some point. While cleaning out your office desk, you come across a long-forgotten thumb drive. You feel a combination of curiosity and excitement. You plug it into your computer only to find that it doesn’t work. You remember that at some point and time you had files—if only you could remember which ones—stored on the device, but now they’re gone. Obviously, they weren’t that important (you hope) or you wouldn’t have tossed the drive in your drawer, but the experience serves as a valuable lesson.

Data recovery letdown

The same thing can easily happen to the backup tapes and hard drives that contain your mission-critical business data:

  • financial document
  • client contracts
  • personnel records
  • tax files

You might attempt to restore these files only to find out that the data you’re expecting to find has disappeared. Imagine the possible consequences:

  • stalled business operations
  • delayed customer service
  • audit failure
  • unfavorable litigation outcomes

Factors that compromise backup media

Here are some factors that could cause your backup media to come up short in the data recovery process:

  • improper storage
  • improper handling
  • natural disaster
  • theft

Your backup media needs to be on-call and ready to go in a data loss scenario. Unfortunately, improper storage can damage or destroy the readability of your backup media. Maintaining consistent temperature and humidity levels are a must. Temperature should not rise above 68 degrees Fahrenheit and relative humidity should hover around 40%. Light and dust pollution, as well as magnetic interference, can severely degrade the data stored on your media.

Your office does not offer a strictly monitored and regulated environment for minimizing these factors, and over time, this uncontrolled environment reduces the lifespan of your media. The typical warehouse or self storage facility presents the same issues. Any backup media left on-site at your facility is susceptible to permanent loss from theft and natural disaster. Therefore, immediately after backup, all media should be transferred to a media vault facility.

Since improper handling also damages backup media, all transport and handling should be handled by a screened data protection professional following strict chain of custody procedures. Once stored in a media vault, your backup media is barcoded and tracked within an inventory management database, which allows for swift location and retrieval during a data loss event.

Richards & Richards provides data protection solutions to business throughout Nashville. For more information, please contact us by phone or complete the form on this page.

Making Sure Your Backups Keep Your Business Running

You want your company up and running at all times. But unexpected data loss can cause your business to come to a screeching halt. Much like regular maintenance for your vehicle, data backup keeps your organization running. It also serves as an insurance policy. We’ve outlined methods for ensuring your backup data works properly and effectively.

Implement a strategy

A data protection strategy first begins with knowing what information needs to be protected and then ensuring that it is backed up properly and on a regular basis. Backup frequency depends on:

  • quantity of data
  • where the data is located
  • the type of information

Relying on the most technically competent person in your office may seem logical, but that person may not have the time, resources or skills necessary for making sure your backup strategy aligns with business continuity, compliance and legal requirements. If your business lacks in-house knowledge, find an expert who can help.

Disaster proof your backups

Having a backup is no good if you don’t properly protect it. Your office may seem like a safe place to store your tapes, however if a man-made or natural disaster occurs, your backup information may be permanently destroyed. Other commonly-used storage options are no better; your IT expert’s house doesn’t offer the robust protection needed to protect vital and sensitive backup media. A safe deposit box may be great for jewelry and heirlooms, but not for a tape susceptible to damage from even the slightest temperature and humidity changes. And a self storage unit also doesn’t offer a secure and stable environment for proper protection and preservation.

A data vault is specifically built to safeguard backup data and ensure recovery of vital business information. Check to see if the data vault you are considering fully protects the integrity of your media, prevents unauthorized access, and offers comprehensive inventory management capabilities. Additionally, look for the following features in your prospective data vault facility:

  • magnetic shielding
  • environmental control sensors
  • media friendly fire suppression
  • 24/7/365 security monitoring

Verify recovery

If a real-life disaster does occur, that’s not the moment you want to find out the way you’ve been backing up your data doesn’t work. Once you implement your backup strategy, test it to make sure it works. Then, schedule periodic recovery testing on a routine basis. This will require that you work directly with your media storage and rotation vendor. The right supplier will be able to quickly locate your mission-critical data and deliver it to your designated recovery or hot site location. At the very least, you should perform simulated data loss and recovery exercises once a year.

Most importantly, don’t let a feeling of being overwhelmed lead to inaction. It’s better to have an imperfect backup solution in place than to have none at all. Every backup strategy needs to be modified and adjusted to meet compliance and information growth needs. With the right resources, you can make sure that your business data is continuously protected.

Richards & Richards provides data protection solutions to business throughout Nashville. For more information, please contact us by phone or complete the form on this page.

Records Management Risks That Haunt You Year-Round

‘Tis the season of ghosts and monsters, but data breaches leading to client identity theft can put the real scare into your Halloween. Managing business records has become increasingly difficult for organizations of all sizes. The more information there is, the harder it can be keeping up with it all. In the spirit of the season, we outline important records management risks to be aware of, so they don’t haunt you year round.

The vanishing file

Companies across a wide range of industries continue to rely on paper records to support their business processes. But when a file goes missing there may also be ton of damage incurred, including:

  • lawsuits
  • loss of clients
  • breach notification costs
  • regulatory fines
  • damaged business reputation

Problems often occur due to a lack of internal resources, reliance on poor document storage alternatives, and/or failure to adhere to retention guidelines. Even with a relatively small amount of paper documents to manage, without the proper systems and processes, hardcopy records can disappear—some get misplaced and lost, and others vanish as a result of theft and malicious intent. A professional records storage and management solution offers privacy protection for confidential documents, prevents unauthorized access to records, and uses barcode tracking and inventory technology to create a stress-free file management system for your company.

Terrorizing data loss

The loss of critical business data can be more frightening than the scariest horror movie. The plot goes something like this: A natural disaster has destroyed your business facilities. Luckily, your personnel are unharmed, but your data is another story. Suddenly you realize none of your backup tapes were moved offsite, so they too have been destroyed. As a result, your business can’t survive.

When you think about how vital your computer data is to the survival of your business, it becomes obvious that it deserves robust protection. Backup media should never be stored on-site at your facility. Instead, each backup should be transferred to a secure, off-site facility. A self-storage facility, safe deposit box, or private residence won’t work. Your computer media is very sensitive, meaning that even a little moisture, heat, or physical shock can degrade the data stored within. Fortunately, there’s a solution for this problem. A media vault provides the optimal environment for the security and long-term preservation of backup media, offering:

  • magnetic shielding
  • environmental control sensors
  • fire protection and suppression
  • ceramic heat insulation
  • round-the-clock video surveillance

Since a media vault is operated and managed by data protection specialists, your critical backup can always be located and retrieved 365 days a year, at any hour, to support data recovery initiatives.

The unknown lurking in the trash

It should come as no surprise that dumpsters are popular haunts for criminals seeking access to personal information. Your business information can easily land in the trash without secure, verifiable document disposal processes. A professional shredding service eliminates time-consuming internal shredding processes and ensures that sensitive paperwork is disposed of in a timely and secure manner. Locked bins are placed in your office where documents can be dropped and kept secure until they are collected and destroyed by screened professionals with a NAID AAA Certified shredding services provider.

Richards & Richards provides records and information management solutions to business throughout Nashville. For more information about how we can strengthen data security for your company, please contact us by phone or complete the form on this page.

The Spooky Things That Could Happen to Your Information

Have you considered the risks to your business information, or is the task of simply managing your data more than enough to think about? Information management and data security go hand in hand, so focusing on one at the expense of the other can create problems for your business. Because you’re so dependent on your information, it’s worthwhile to consider the chilling things that could happen to it. With Halloween lurking right around the corner, the month of October seems like the perfect time.

Documents stolen from the trash

You may be making it easy for thieves to steal your business information. All they have to do is go through your trash. Even with the use of shredding machines, it’s not uncommon for confidential paperwork to get thrown out daily without being shredded. In addition to being cumbersome and time-consuming to use, it is difficult to monitor employee use of shredding machines. However, this problem is eliminated when secure document disposal is made as easy as tossing a file in a recycle bin. Shred collection containers offer a secure option for disposing of paperwork. Files can be tossed into the container where they are securely stored for regular collection and shredding by a professional document destruction company.

Permanent loss of data stored on-site

Having no disaster recovery plan can mean the end of your business. When vital business documents and data are stored on-site, you are assuming a large amount of risk. A leaky water pipe could destroy a whole inventory of paper files. In addition to permanently wrecking hardcopy documents, a fire, flood or other natural disaster would most likely destroy your electronic data as well.

Therefore, it’s wise to store vital business documents, archival and/or historical files and electronic backup media in an offsite location separate from your primary business location. When choosing a location, keep in mind that hardcopy information and digital data have very different storage requirements. By engaging a full-service records and information management company, you’ll be offered both records storage and media vaulting options.

Regulatory non-compliance

Non-compliance with laws and regulations not only increases legal risks for your business but can also permanently damage your company’s brand and reputation. Formalized document management policies and procedures can help, beginning with how information is tracked. At any moment, you should be able to pinpoint a specific file and view all data associated with that file. It’s easy to run into problems if documents are not properly organized, indexed and labeled.

A records management support service helps by verifying your document inventory, creating a file system, and making sure that retention schedules are up-to-date and adhered to. Outsourcing the storage and management of your documents enables:

  • greater audit success
  • lower overhead and internal administrative costs
  • increased focus on revenue generation

Richards & Richards provides records and information management solutions to business throughout Nashville. For more information about how we can strengthen data security for your company, please contact us by phone or complete the form on this page.

The 3 Don’ts of Data Security

As a small business owner, you have a responsibility to protect data belonging to your customers, employees and company. And it’s not only data belonging to big businesses that criminals are going after; each day, small organizations fall victim to data breaches resulting in very real consequences. According to AccountingWeb, 80 percent of small businesses that experience a data breach suffer serious financial losses. Luckily, there are valuable lessons to be learned from companies that have already fallen victim.

Don’t exceed retention periods

Records retention periods outline clearly defined periods for holding on to information. However, these timeframes are often mismanaged or altogether ignored. Some small business owners take on a hording mentality, holding on to every last bit of information indefinitely. In addition to creating serious physical space constraints, exceeding retention periods also increases data breach exposure. Although no longer useful, your expired documents and data storage devices may still contain:

  • financial information
  • proprietary data
  • clients’ personal information

In order to prevent identity theft and business fraud, final disposition dates within a retention schedule should always be followed. A professional records management solution ensures that retention guidelines are always followed and that documents and devices containing expired data are destroyed in a timely manner.

Don’t rule out worst case scenarios

Preventing theft of corporate data is a non-negotiable, but so is protecting your information from other circumstances beyond your control. Your data can be permanently lost due to any of the following events:

  • fire
  • flooding
  • natural disasters such as earthquakes, tornadoes and hurricanes

Problems occur when the majority of your data is stored on-site. Disaster recovery and business continuity experts recommend that mission-critical data be stored in a secure location away from your primary place of business. Several factors should be considered when choosing an off-site location:

  • technology and methods for managing inventory
  • security and surveillance systems
  • controlled and limited access to screened personnel

Paper and electronic records have different storage requirements, so all data storage media should be stored and managed in a fire-rated vault equipped with the following:

  • ceramic fire walls
  • magnetic shielding
  • zone 4 earthquake resistance

Don’t assume data security awareness

You have to educate and train your employees about data security best practices. Training can range from common-sense approaches—such as not leaving computer screens and sensitive documents unattended at workstations—to encrypting data prior to exchanging it. Protocols should be established with regard to:

  • BYOD (bring your own device)
  • secure web browsing
  • portable USB use
  • file and document retrieval

It’s important to remember that data security education is ongoing and should be scheduled regularly for the good of your business.

Richards & Richards provides records and information management solutions to business throughout Nashville. For more information about how we can strengthen data security for your company, please contact us by phone or complete the form on this page.

Choosing the Right Data Protection Solution

Your business data constantly runs the risk of being maliciously stolen or permanently lost due to negligence, natural disasters or other factors outside of your control. But finding a data protection solution that combines affordability and maximum recovery capability can be a challenge. An increasing number of vendors are offering to protect your information, but until you are forced to recover your data, you can’t really tell if it’s properly protected—and by then it may be too late. Choosing the right data protection partner comes down to understanding your backup and recovery options and thoroughly vetting the supplier protecting your data.

Online vs. offline backup

Recently a flood of online backup solutions have appeared on the market, targeted to companies of all sizes. Also referred to as “cloud” or “remote” backup, these solutions promise easy, low-maintenance backup and swift recovery of data. While the process is automated and does not require physical intervention, it is dependent on internet speed for the transfer of data.

Offline backup involves the transfer of data from a database to a tape via hardware. This backup option allows large amounts of data to be protected at a low cost. Backup tapes, if protected offsite in an optimal environment, can be preserved for an extended period of time. Data recovery using offline backup is not dependent on internet speed.

Ensuring continuous data recovery

Online backup is marketed to individuals and companies as a low-maintenance and easy data protection solution, but because it is bandwidth-dependent, the volume of data that can be backed up at any given time is limited. Therefore, it may not be possible to back up all mission-critical data stored on a single hard drive. Bandwidth constraints also impact how quickly data can be restored. This is a stark contrast to offline backup where a large amount of data can quickly be written to tape. Data recovery with tape is not bandwidth-dependent and is extremely fast and efficient.

It makes a difference who stores your data

Any number of service providers are willing to store your data, but it’s hard to tell if your data will really be protected while in their custody. Some online backup providers do not even guarantee information protection that meets the requirements of regulations such as HIPAA. Anytime your data is stored online, there is a certain risk involved. Customers of Amazon’s Simple Storage Service (S3) found this out early last year when researchers found that they could easily access 126 billion files stored on S3—files that should have been restricted—simply because their owners failed to mark them as “private.”

On the contrary, when using a locally-based media storage solution provider, you meet the real people who care for your data. There’s a lot at stake when storing a company’s data, and a local data protection vendor will take extra steps to ensure maximum privacy protection—after all, their reputation within your community depends on it. Still, as part of your due diligence when choosing a data protection solution, you should look for:

  • client references
  • experience and capabilities
  • certifications, honors and industry involvement

Richards & Richards provides businesses throughout Nashville with data protection solutions. For more information please contact us by phone or complete the form on this page.

How to Protect Your Hardcopy Data Long Term

Each day, documents are routinely accessed and used within your business. What would be the impact if a single file or your entire hardcopy inventory suddenly vanished? How would you resume conducting your operations as normal? Could you continue to service your customers? Your paper documents may be the lifeblood of your organization, and they deserve proper protection.

Where they’re stored

As with any critical business asset, your paper documents should be physically protected from unforeseen events. Catastrophes causing permanent hardcopy data loss run the gamut:

  • leaky water pipes
  • burglary
  • electrical fires
  • natural disasters

When documents are either partially or permanently lost, your business processes are immediately interrupted, which can also have an impact on legal and regulatory compliance.

Disaster recovery and identity theft experts highly recommend that hardcopy business information be stored in a location away from your primary place of business. Choosing the right storage facility is especially important and should not only minimize the aforementioned risks, but also provide round-the-clock records management services to support both your retention requirements and data recovery needs. Things to look for in a facility include:

  • perimeter security
  • continuously monitored access gates
  • external and internal 24/7 security surveillance

Distinctly different than a self storage business, a records center only offers access to screened records management professionals. All documents are stored on high-density shelving units with in-house sprinkler systems for rapid fire suppression.

How they’re managed

Within any office, without constant oversight and proper organization, documents are bound to get lost or misplaced over time. A file cabinet drawer may be accessed several times over the course of a single business day, increasing the likelihood that individual documents and whole files could be misfiled or misplaced. Archival files may be mixed in with their more active counterparts and document storage areas may not be monitored, which can lead to unauthorized access of sensitive information. These problems can be avoided with the use of proper retention management practices. In order to fully protect hardcopy data, you should be able to fully account for the following items at any point in time:

  • where specific documents are located
  • who has accessed a particular file
  • when a file has been retrieved and returned
  • how long documents need to be kept

When your documents are managed by a professional records management company, not only is an accurate audit trail for your hardcopy data constantly maintained, but the stress of having to manage files internally is also alleviated. Barcode tracking and inventory management technology enable documents to be consistently accounted for and securely retrieved and delivered according to your needs. All information pertinent to your hardcopy data can be shared between the records center where your inventory is stored and your business office, providing you with increased records management functionality, including:

  • web access to important retention information
  • verification and editing of destruction dates
  • custom reporting options

Who’s protecting them

In addition to the facility where your hardcopy data is stored and the way in which it’s managed, you must be able to place 100% confidence in the company protecting your documents. When you choose a local vendor with a history of serving your community, you reap the benefits of working with a provider built on trust and service. You should search for a company that has established itself as an expert in the records and information management industry. Additional things to look for include:

  • client references
  • special designations and awards
  • professional affiliations

Richards & Richards provides businesses throughout Nashville with records and information management solutions. For more information, please contact us by phone or complete the form on this page.

Dispelling Myths about Document Retention

Proper document retention is essential to business success. But unfortunately there are commonly-held misconceptions on how and when to retain files. We’ve outlined three myths about document retention so you can improve your methods for handling and managing your business information.

Retention documents must be stored on-site

Business owners are known for their “can-do” attitude. But persistence and determination can be a detriment to sound document retention practices. When it comes to storing and managing documents, the thinking often goes something like this:

  • “I know where everything is.”
  • “It’s safe.”
  • “I can manage my information.”

Even for the most adamant control freak there are going to be times when he can’t find a document. The reality is that files get misplaced all the time. Each time it happens, the current task falls by the wayside and workflow is interrupted. File retrieval, even at its smoothest, takes time. Being able to continuously track and monitor the flow of documents helps improve all of your business processes. But in order to do so, your business retention inventory needs to be properly managed in a way that doesn’t cause you to ignore something equally important.

Everyone likes to think of their business as safe and secure. Yet every organization is susceptible to risks, especially when it comes to paper documents. A fire, flood or natural disaster can lead to permanent loss of critical business information. Having an off-site location where you can confidentially store retention document strengthens your disaster recovery capabilities and protects your entire business.

Hold on to it just in case

If you’ve ever been audited and weren’t able to produce a document, you know how stressful that can be. But holding on to documents longer than necessary can also get you into trouble. Records that have exceeded required retention periods may complicate litigation proceedings and create a legal nightmare. And an auditor isn’t going to be too happy if she has to wade through documents that should have been securely disposed of a long time ago.

There’s also the issue of disorganization. The more documents you hold on to the more likely your office is going to become cramped and cluttered. This can have a serious impact on overall business productivity.

Documents that should have already been destroyed are also likely to contain confidential information. The longer these records are kept, the more identity theft and business fraud exposure you’re assuming. A box of documents containing personal information that has been sitting for years may have already been opened and riffled through—and you would never know it.

One retention policy is all you need

Having one retention policy may work for a small business, but for larger organizations retention guidelines have to fit corporate compliance guidelines. Individual business units may need to set their own retention guidelines—after all, they are experts when it comes to their own documents. This doesn’t mean that retention guidelines shouldn’t be coordinated across your enterprise; it’s still important that your company complies with any regulations affecting your entire organization.

If you need retention management assistance for your business, we can help. Richards & Richards provides businesses throughout Nashville with records and information management solutions. For more information please contact us by phone or complete the form on this page.

How Document Scanning Enhances Your Ability to Meet Audit & Regulatory Requirements

Alleviating an over-dependence on hardcopy records is one advantage of implementing a paperless solution for your business. Document scanning also automates workflow within your organization and streamlines business processes. And for organizations that are frequently audited and have to meet regulatory requirements, an imaging solution can also greatly enhance audit and compliance capabilities.

Your privacy protection obligations

Privacy protection is like insurance against legal liability and damage to your business reputation. Safeguarding personally identifiable information is also a key component of the following regulations:

  • Health Insurance Protection and Accountability Act (HIPAA)
  • Sarbanes-Oxley Act (SOX)
  • Gramm-Leach-Bliley Act (GLB)

Electronic records offer enhanced security from their hardcopy counterparts in that they can be password protected to restrict access to those other than authorized end users.

Yet the process that enables hardcopy documents to be imaged and converted must also follow strict protocols to ensure privacy protection during scanning. Many companies put their data at risk by transferring hardcopy documents overseas to low-cost, third-party scanning providers. In order to ensure regulatory compliance, it is best practice to engage a local document scanning provider with whom you can meet firsthand and verify chain of custody procedures.

Eliminating audit headaches

No one likes to be audited. The easier you can make an auditor’s life the less painful the process. This means being able to give an auditor the information they need in a timely manner. Many businesses start the relationship off on the wrong foot by handing an auditor a box of un-indexed documents, making her job more difficult and increasing the likelihood of unfavorable results.

Document scanning enhances document management, making it easier for an auditor to find the information they need. Electronic records can be better organized, added to an Enterprise Content Management (ECM) database for efficient access, offer full search capabilities enabling precision location of specific data, and provide the following benefits:

  • records tracking
  • document access control and monitoring
  • expedited information retrieval

While you want your documents to be scanned in a timely manner, you also need them to be scanned accurately and clearly. Therefore, quality assurance is imperative during any scanning process. Without strict monitoring and verification that all information has been accurately and thoroughly captured, there’s no guarantee that an auditor or regulator will be able to access the required information.

Thus, when implementing a professional document scanning solution, make sure that speed does not trump accuracy. Images should be captured at a speed that allows for a scanning technician to do a visual check of each image as it is captured. Otherwise, critical data may be lost during the imaging and conversion process, significantly impacting your ability to successfully meet audit and regulatory requirements.

Richards & Richards provides document scanning and imaging solutions to companies throughout Nashville. For more information please contact us by phone or complete the form on this page.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive new posts via email.

Contact Us

We would love to hear from you! Please fill out this form and we will get in touch with you shortly.
  • This field is for validation purposes and should be left unchanged.

Blog Categories

2015 Richards & Richards

1741 Elm Hill Pike Nashville, TN 37210-5717