“Prepare for” an Audit or “We are Ready” for an Audit – Big Difference!
Early Monday morning an email from the Compliance Officer (CO) of a large client organization has been received by the Operations Manager (OM). Not the ideal way to start the week. Planning to visit the record and data center on Wednesday, he requests the OM suggest a convenient time. There is no “rule” that a […]
Read more »Why You Need to Pay Attention
By Bob Johnson Over the past decades, NAID members have come to know me for trumpeting the latest data protection regulations and for expounding on their various threats and opportunities. As a result, I understand some might simply think, “Here he goes again. It’s the end of the world as we know it.” I hope […]
Read more »Abandoned Records Case Study
In a previous PRISM International blog, there was a discussion related to RIM providers responding to issues of abandoned records within a record center. As a follow-up to that discussion, it is important to address that it is not a matter of if – but a matter of when a record center and team will […]
Read more »Record Abandonment -Identify RIM Provider Alternatives?
Who pays the bill when the company declares bankruptcy? When a practitioner retires and/or meets an untimely death–who pays the RIM service invoice? What about the outstanding invoices when a practitioner closes a “single practitioner” office and joins a large consortium practice or medical school? As an example, who pays the invoice for those boxes […]
Read more »Contracts are a Pain
With the availability of the new i-SIGMA Contract Template, it’s time for a conversation. Contracts are a pain. Why make a big deal out of something about which most customers are clueless. Try telling someone looking for next-day service about your 6-page regulatory contract. You might as well give them your competitor’s phone number. So, with that in […]
Read more »The market favors stronger qualifications: Success in RIM space comes from more scrutiny, not less
By Bob Johnson, NAID CEO In the span of 30 minutes of watching TV, there was commercial promoting Angie’s List as a source of qualified service providers from dentists to plumbers, another promoting the Trust Certified service providers for a wide range of consumer services, and finally one from the Better Business Bureau promoting the […]
Read more »It’s illegal to hire data destruction services on price alone
By Bob Johnson, NAID CEO Let’s just say ABC Corporation hires a data destruction service because they are the lowest price. It does not take a lot to imagine that scenario, right? It happens all the time – maybe most of the time. It also would not surprise anyone that the lowest bidder might also […]
Read more »Mission critical: Examination of new data protection laws
By Dr. Ross Federgreen, CSR CEO, CIPM, CIPP, European Privacy Association More than half of U.S. states today have enacted data protection laws and regulations, growing from just 15 states a year ago. Federal and international authorities also impose obligations on organizations to provide security for the legally protected personal information or personally identifiable information […]
Read more »Why the case against Target may go to the Supreme Court
By Bob Johnson, NAID CEO Within weeks of the massive Target data breach last December, privacy and legal pundits began speculating about class action lawsuits that would result. So far, most of those predictions have come to pass. Lawmakers made a lot of noise but nothing meaningful developed – at least so far. Hundreds of […]
Read more »Reconciling the conventional approach to ITAD reconciliation
By Bob Johnson, NAID CEO In the upcoming edition of ITAK, the professional journal of the International Association of IT Asset Managers (IAITAM), I wrote an article with Kyle Marks (Retire-IT) about a series of recent events that have demonstrated the hazards of traditional IT asset disposal (ITAD) reconciliations, which have exposed great opportunities for […]
Read more »