Archive for the ‘Electronic data breaches, prevention’Category

PCSMass to exhibit at NEBFM 15

PCS of Massachusetts will have a booth at the 2015 Northeast Buildings & Facilities Management Show & Conference, June 17th and 18th.

unnamed (1)

This event features of 300 exhibitors displaying products and services necessary for the operation, management, maintenance and renovation of buildings and facilities in the greater New England Region.

Running concurrently with the trade show is an educational conference featuring 42 individual one-hour talks covering a wide range of topics including: LEED, Green, Sustainability, Energy, Building Commissioning, Facility Maintenance, Construction and Renovation Planning. IFMA provides CFM’s, AFE provides CEU’s & BOMI provides CPD’s for all 42 Conference Talks.

12

06 2015

PCS of Mass is on the Move!

unnamed

PCS of Massachusetts is celebrating our 10th Anniversary by announcing the grand opening of our new office and warehousing facility, located a few miles away in Hanover, MA!

PCS of MA will be fully operational out of our new site by July 31st 2015.

By tripling our overall square footage, it allows for expanded production and inventory space. We are preparing for the increase in our production to meet the increasing demand for strategic solutions for off-network electronic devices including R2:RIOS Certified Responsible Recycling of Electronics / Components, Secure On-site Hard Drive Date Destruction Solutions and Re-marketing (Re-use) of Surplus Electronics and Medical/Lab Equipment.

Our new facility was designed to ensure that we will have the maximum efficiency and security for our current and future warehouse and office operations. In addition to our larger warehouse, PCS has also designed new larger offices and meeting facilities which will allow us to continue expanding to meet the increasing demands for our certified services.

We look forward to you touring our new facility!
Please note our new Address as of July 31, 2015:

PCS of Massachusetts, LLC
342B Circuit Street
HANOVER, MA 02339
Toll Free: 1-844-514-5093

12

06 2015

One easy solution for Hospitals to comply with HIPAA

Over the past several years, advances in technology for medical and lab equipment have been exploding, rendering new-ish, cutting edge equipment obsolete often before there is time for wear and tear. So where does the out-of-network technology go when its taken its last breath to make room for the even more cutting edge equipment? There are solutions to keeping all this metal and plastic out of the waste stream and comply with regulations set forth by HIPAA.

In addition to medical equipment, hospitals also generate other types of electronic waste such as out-of-use computers, monitors, copy machines and a host of other items referred to as e-Waste. Most importantly, these types of electronic waste do require secure handling of the sensitive data that is contained on their hard drives and other data containing devices.

Photo by renjith krishnan

Photo by renjith krishnan

Hospitals do seem to be cognizant of the piles of un-needed apparatus, and do make attempts to find solutions for proper disposal. Many often turn to asset re-sellers, who buy out-of-use equipment and sell them on the secondary market. But is it safe to give these materials to un-certified vendors who may not comply with HIPAA regulations?

It is crucial that hospitals turn to certified, and secure electronics recyclers who have the ability to handle all of the different types of e-Waste, and to be able to destroy the data contained on electronic devices in line with the standards set forth by R2/RIOS, as well as to comply with the standards set forth by the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

What is HIPAA? In 1996, the Health Insurance Portability and Accountability Act or the HIPAA was endorsed by the U.S. Congress. The HIPAA Privacy Rule, also called the Standards for Privacy of Individually Identifiable Health Information, provided the first nationally-recognizable regulations for the use/disclosure of an individual’s health information. Essentially, the Privacy Rule defines how covered entities use individually-identifiable health information or the PHI (Personal Health Information). Hospitals and health care facilities of all kinds must comply with these regulations.

Hospitals must consider their large amount of electronics waste and examine secure, safe solutions for handling all of these out-of-use assets. Hospitals need to look for a vendor that offers secure and certified IT Life Cycle Management services, who also offer strategic solutions for the handling of off network technology.

If you are looking for a certified, safe solution to properly and securely dispose of ALL of these different types of e-Waste, turn to PCS of Massachusetts. They are skilled in handling the vast amounts e-Waste generated by hospitals, and provide secure on-site destruction of hard drives and other data-containing devices; while also offering effective and strategic asset re-marketing solutions.

PCS is R2/RIOS certified and meets/exceeds the regulations put forth by not only HIPAA, but by the Department of Defense (DoD), Environmental Protection Agency (EPA), National Security Agency (NSA) and the National Institute for Standards and Technology (NIST).

In the News: Study Shows Recycled Computers Give Away Personal Information

A study commissioned in Australia by the National Association for Information Destruction (NAID), a non-profit, data protection watchdog agency, has found significant amounts of personal information left on recycled computers.

According to NAID CEO Bob Johnson ,” The study is rather simple. We randomly purchased 52 recycled computer hard drives from a range of publicly available sources, such as eBay. We then asked a highly reputable forensic investigator, Insight Intelligence Pty.Ltd, to determine whether confidential information was on those drives. The procedure used to find the information is intentionally very basic and did not require an unusually high degree of technical heroics. Had the data been properly erased, it could not have been found.”hard drive photo good

The result: private, sensitive information was found such as medical records, bank account holder’s personal information, confidential client correspondence and billing information – pointing to hard drives from businesses and medical facilities. Some of the hard drives pointed to being previously owned by individuals because they contained private images, videos and details of a highly personalized nature.

The study continued to note that where private information was found, there were some indications that someone had attempted to remove the information but failed to do so.

Mario Bekes, Insight Intelligence’s managing director warned that “businesses and individuals take a big risk by attempting to erase hard drives themselves. It is not a do-it-yourself project.” Bekes also encourages businesses and consumers to seek out a certified recycling company with technical expertise and who take data destruction seriously.

[Source: NAID-ANZ Secondhand Hard Drive Study]

DON’T BE A 20/20 INVESTIGATION

The last thing you want is to have David Muir ringing your doorbell because an employee left a laptop at Starbucks. This is how data breaches can start, and you are left holding what’s left of your reputation in a paper bag.

Did you ever consider how much information is on your cell phone, IPad and laptop? Think about all the hardware in your office that also contains sensitive data. What happens to it all when you upgrade your hardware? Are PCs stuffed into closets or are they donated without giving thought to the information on the hard drives? If you are part of a corporation or government office, one discarded, geriatric computer could mean utter destruction of your reputation and revenue.

Fortunately for us, there are measures we can take to make sure your data is safe after electronics have worn out their use.

“R2/RIOS™ certification is solely for electronics recyclers to demonstrate to customers that electronics equipment is being recycled with the highest standards for environmental protection, worker health and safety, and data privacy, and facility security. R2/RIOS™ is a combination of the Responsible Recycling (R2) Practices and the Recycling Industry Operating Standard™ (RIOS™).

R2 was developed by a broad-based cooperative of electronics recycling stakeholders that included the U.S. Environmental Protection Agency (EPA), state governments, manufacturers, recyclers, trade groups and non-governmental organizations. RIOS™ is the sole program on the market that combines quality, environmental, health and safety requirements in a single management system.”*

The National Institute of Standards and Technology (NIST) has also developed guidelines for data destruction and e-Waste security to protect your name from being added to this list.

NIST 800-88 Hard Drive Destruction/NIST 800-88 Data Destruction Guidelines: This document assists organizations in implementing proper and applicable techniques and controls for hard drive data disposal. Even the Internal Revenue Service follows the guidance set forth by NIST. Along with NIST, The National Security Agency (NSA) and the Health Insurance Portability and Accountability Act (HIPAA) also uphold strict regulations.

Compliance requires more than simply shredding or erasing hard drives. Proper reporting is required under NIST 800-88. The following information is only a portion of the guidelines set forth by the National Institute of Standards and Technology.

Wiping: “Wiping” a hard drive refers to using specialized software to purge a drive of all accessible data. The upside to this method is that the device is still usable after the process because nothing has affected the hardware.

The downside is that wiping software cannot be guaranteed. The process is lengthy, tedious and open to human error.

Degaussing: Degaussing involves a process where a hard drive is exposed to a high powered magnetic field which changes the alignment of the magnetic domain where the data is stored, thus “erasing” the data.

When functioning properly, the process can be effective. However this process is lengthy and also affected by human error.

Shredding: Shredding is the safest and the most secure option for data destruction because the hard drive or device is physically shredded into tiny particles.

The benefits of shredding? The process is fast and final. You can choose to watch it happen either in person or by video so you can be assured that all your items have been properly disposed. Afterwards, you will get a certificate of destruction.

Although there are different options for handling your data destruction needs, shredding is the only fail-safe solution to guarantee that your sensitive information never ends up in the wrong hands.

*R2/RIOS

Eight Items you Didn’t Know you Could Recycle

Most people know by now that recycling helps save our Earth. With the number of landfills in the United States increasing, and the majority of waste in these landfills being electronics waste, there is so much more work that needs to be done in reducing waste and keeping the environment safe.electronic-waste-trashcan

What exactly is e-Waste?

What exactly is e-Waste and what can be recycled? The term “e-Waste” is an abbreviation of “electronic waste”. According to StEP (Solving the eWaste Problem), who is a United Nations partner organization, “E-Waste is a term used to cover items of all types of electrical and electronic equipment (EEE) and its parts that have been discarded by the owner as waste without the intention of re-use.”

End-of-life televisions, computers, copiers, laptops, monitors, medical/lab equipment, refrigerators and GPS devices are just a few examples of e-Waste that needs to be recycled rather than thrown away.

Where does all the e-Waste go?

Accelerating product innovations and replacement – especially in ICT (Information and Communication Technology) and office/medical/lab equipment – combined with the change from analog to digital technologies (ex. to flat-screen TVs and monitors) – are feeding the increase. Fueling this growth is the decrease in the cost of electronic items making them more affordable to consumers.

As more electronics are manufactured, and subsequently replace their out-of-date cousins, where do all the old ones go?

Some of us do try to re-use and recycle our old electronics. However many of us also have e-Waste that remains in basements, attics and storage rooms – out of sight, out of mind.

Although we are doing a better job of recycling paper and cardboard, more attention needs to be given to e-Waste and its proper disposal. Many have steered away from recycling certain products because they weren’t aware that these items can be re-used and recycled – or simply thought it was inconvenient and stashed them away for another day.

PCS of Massachusetts CEO Lisa DiPaolo Bacewicz amidst the current stream of electronics in the process of being recycled at her facility in Weymouth. Chris Bernstein photo

PCS of Massachusetts CEO Lisa DiPaolo Bacewicz amidst the current stream of electronics in the process of being recycled at her facility in Weymouth. Chris Bernstein photo

In addition to recycling computers, printers and such, the following list contains eleven items often thrown away in the past, but can be re-used and recycled today. These items are not allowed in door-side recycling bins. Call a certified electronics recycling company to help you properly dispose of the following items.

1) Batteries: The more batteries that end up in landfills, the more volatile the landfills become – bad for our Earth.

2) VHS and cassette tapes: Are you still holding onto leftover VHS and cassette tapes? These items can be recycled.

3) Ink jet and laser cartridges: Most people toss the empty cartridges in the trash which is a no no.

4) CDs, DVDs, Game Disks: These plastic orbs are stuffing our landfills. These can be efficiently shredded at a responsible recycling company.

5) Fluorescent Bulbs (CFLs): Energy efficient- yes – but there are hidden dangers sealed inside each little bulb, such as Mercury, where the contents of one light bulb contains enough mercury to contaminate 6,000 gallons of water.

6) Cell phones: Only 10% are re-used. In a recent announcement made by the International Telecommunications Union (ITU) at this year’s Mobile World Congress “There are more in-use cell phones than there are people on the planet right now.” Where will all the old phones go?

7) Cameras/Camcorders: As technology advances in camera technology, where are all the out-of-use cameras going? Recycle them instead of tossing into the trash/landfills!

8) Power Cords/Power Supplies: As the end-of-life electrics are rendered obsolete – so go their power supplies.

What can we do?

Contact a certified, responsible recycling company who will advise you as to how to properly dispose of your e-Waste. Help keep our environment safe!

Four Tips to Protect your Data

Data breaches from cyber attacks are all over the news today. Although these types of security breaches are becoming more common, and more devastating, to the organizations and people involved, there is another kind of breach that is just as alarming.

Often times, informal transportation or improper storage of end-of-life electronics are the culprit. In untrained hands, sensitive information can be leaked, stolen or lost on the way to recycling centers or can be forgotten in dusty storage areas.

Consumers and businesses alike should be aware that electronic waste that is not disposed of properly poses a threat to sensitive data left on the devices. Finding a responsible electronics recycler will eliminate the risk of data breaches and grant the much-needed peace of mind that companies and individuals need.

Implementing a positive plan to combat electronic waste data breaches is the only realistic way to ensure that sensitive information remains safeguarded for end-of-life electronics.

Here are four tips to protect the valuable data contained on devices within your home, organization or business:

1. Get the best third party data destruction provider available

Laws and regulations ban dumping e-Waste into landfills and require specific methods for collection and disposal based on government guidelines.

When electronics devices reach end-of-life or are no longer wanted, relying on disposal plans managed by employees and staff for data destruction and e-Waste disposal is not effective, and leaves companies open to liability for breaches.

Instead, rely on a responsible R2/RIOS certified company with secure measures in place to handle the proper recycling of e-Waste and secure destruction of the information on hard drives and other data devices.

2. Avoid long-term storage of end-of-life devices

Long-term storage can increase the risk of loss or theft, which leads to serious data breaches. In fact, many data breach cases are the result of computers left to sit in off-site storage facilities with little or no regulation or supervision of the information contained on hard drives and storage devices.

Rather than choosing to place end-of-life devices in storage, creating an electronic waste disposal plan is the better choice. The plan should ensure that storage time is minimal or completely eliminated, thereby decreasing the risk of theft, loss or inadvertent exposure of sensitive information.

3. Know the laws on data destruction

Here in the U.S., most states with electronic recycling laws also require vendors to follow government regulations to ensure that consumer information remains safe. It is important to be aware of which guidelines apply to your organization and to organize an electronic waste disposal plan around them.

4) The best tip of all is too choose a responsible, certified electronics recycler who provides secure data destruction. This is the most effective way to ensure proper management and secure destruction of sensitive information contained on the hard drives of electronic drives.

Recycle with data security at the forefront

We live in a world where company and personal information is a highly valued commodity. It is crucial that companies do everything they can to stop their sensitive information from falling into the wrong and most devastating hands.

Recent mega-breaches by the numbers*:

Target: 40 million – The number of credit and debit cards thieves stole from Target between Nov. 27 and Dec. 15, 2013

eBay: 145 million people affected

JP Morgan Chase & Co.: 76 million households and 7 million small businesses affected

CHS Community Health Systems: 4.5 million people affected

Michael’s Stores: 2.6 million people affected

Neiman Marcus: 1.1 million people affected

The result?

Mega breaches are mega expensive! The average cost of a data breach for a company is $188 per record. Based on an average 28,765 records per US breach, one study identified a total organization cost of $5,403,644 per data breach.*

A call for change!

According to eWeek, “An alarming number of widely publicized data breaches is sparking change in the attitudes of business leaders and consumers when it comes to cyber-security. Consumers and regulators alike are demanding more communication and remedies from businesses after data breaches occur. As a result, the topic is one of the highest priorities facing businesses and regulators in 2015.”

Although the spotlight has been on infiltration by a criminal hacker, breaches can happen as a result of a company’s negligence in handling its end-of-life electronics; computers, hard drives, cell phones and all other data-bearing devices.

It is a paradox that while electronic waste is entering the waste stream at an accelerated pace, there’s little to no information on what happens to e-waste in the end – and the chaos that can ensue if not handled properly and responsibly.

By carefully reviewing an organization’s electronics and data disposal process, companies can nip the problem in the bud.

How can we do our part in helping to thwart data breaches?

Make it a top priority to outsource the management of unwanted electronics equipment to those who are qualified and experienced in handling recycling and data security management.

Be sure to use a R2/RIOS Certified, responsible recyling/data destruction company. These are highly regulated companies who achieve the highest level of excellence. Look for other certifications and compliances as well – HIPAA, DoD, NIST, NAID, NSA. For more information, check out WWW.PCSMASS.com

* According to the 2014 Ponemon Institute Report

** In May 2013, the Ponemon Institute released its 2013 Cost of Data Breach Study: Global Analysis (“Ponemon Study”),

E-Waste not want not

Are old computers, monitors and power supplies piling up around you? Now is the time to PROPERLY get rid of ALL the old electronics hanging around your place of work. PC Survivors of Massachusetts, LLC (PCS MASS) is your one-stop shop for the responsible disposal of everything electronic.

Why can’t you just throw it all out on the curb, toss in the dumpster or go to the dump? Quite simply, improper disposal of e-waste (electronics waste) is illegal and a danger to the environment. “But it’s just a cell phone/battery/hard drive/etc.” you may ask. “Maybe if I hide it in a trash bag and toss, nobody will notice?” You can be well assured our Earth will notice. As will the US Environmental Protection Agency (EPA) when they serve you up a severe fine.

Actually the materials inside of electrical devices can be a danger if not securely disposed. Imagine a land-fill chock full of e-waste where they will eventually release pollutants like nickel, lead, cadmium and mercury into our air, ground water and soil. Think of children brushing there teeth with this water – yuck – and extremely health hazardous. How about the fresh produce we eat and the grass-fed beef we consume? Think of the soil from which plants sprout. The long-term effects are scary.

Equally, if not more frightening, according to the EPA Americans disposed of 3,420,000 TONS of e-waste in 2012 (most recent year there is data).

E-waste is defined as any discarded electronic/electrical device (computers, cell phones, televisions, medical equipment, etc.), and is the fastest growing sector of waste in the United States.

Everybody needs to do their part and REUSE, RECOVER and RECYCLE! PCS MASS is one of the few RIOS/R2* certified recyclers in New England who are compliant with state and federal regulators such as NSA*, NIST*, DoD* and HIPPA*. What exactly do all these acronyms mean? Quite simply, they mean that PCS MASS upholds the highest standards for responsible electronics recycling. (If you like to translate acronyms – see below *)

What sets PCS MASS apart from other companies who also recycle e-waste, is that we are certified to ALSO PROVIDE SECURE on-site and off-site DATA DESTRUCTION; regulated by these same mandates.

There are several simple choices as to how to dispose of your e-waste. If you are in New England, first call PCS MASS 1-844-514-5093 or check out our website www.pcsmass.com. PCS MASS has large trucks that will come to your office, hospital, building, lab and safely pick up your e-waste. Or you can call first and schedule to drop it at our warehouse in Weymouth, MA. Every item will be documented and you will receive certification of secure disposal.

Here is a partial list of e-waste that is most-likely accumulating in your office now!

PCs/Laptops/Notebooks/Tablets
Servers/Server Racks/Network Equipment
Hard Drives/DLT Tape/Memory Chips/Circuit Cards
LCD Monitors
Cell Phones/Cameras/CD,DVD, VHS Players
Printers/Faxes/Copiers
Batteries/UPS
Keyboards/Mice/Cords/Cables
POS Equipment
Medical/Lab/Dental Equipment
Plus much more-(see www.pcsmass.com for a complete list)

If everyone puts forth a little extra effort and responsibly disposes of e-waste, we can use the almost 3.5 million tons of space currently taken up year over year, by this needless waste – for something good. How about organic farms? Parks? E-Waste in our landfills – NOT!

* Acronyms:
RIOS/R2: Responsible Industry Operating Standard/Recycle and Reuse
NSA: National Security Agency
NIST:National Institute of Standards and Technology
DoD: Department of Defense
HIPAA: Health Insurance Portability and Accountability Act

60 Minutes – Colorado Recycler indicted for illegal e-waste exports

As featured on 60 Minutes on 1/13/2013, a Colorado Recycler was indicted by a Federal Grand Jury on charges of wire and mail fraud as well as environmental crimes. Two executives from Executive Recycling, a Colorado metro-area electronics recycling company was found guilty of dumping hazardous computer waste overseas instead of reusing and reselling it domestically.

The same company was profiled in a 60 Minutes expose in 2008 about the environmental and human toll of disposing of used computers and electronics (e-waste), in China and other countries. Executive Recycling told clients that all the electronics they collected from them would be reused or disposed of in accordance with all environmental regulations.

PCS of Mass, a Nationwide Electronics Recycler, takes CRT and E-Waste disposal very seriously. As an R2 Certified Recycler, we strictly follow the guidelines for Responsible Recycling set by the R2 Commission. We also provide Secure On-Site Hard Drive Shredding Destruction services.

Contact us today to speak with one of our Sales Reps about how we can help you achieve transparent recycling compliance. 781-335-1220

15

01 2013