News & Events
Stay on top of the changing information governance landscape with expertly written blogs and industry-driven webinars by Zasio experts. Our case studies show how we’ve served every industry from pharmaceutical to utilities.
Hard-Copy Files in a Digital World
Another day, another personal information data breach.
Many companies started looking at their own system’s weaknesses after learning about the recent Uber data breach. No one wants to be the next data breach headline. This kind of news can make people long for the days when records retention was simpler and paper-based documents meant data protection wasn’t always part of the daily routine. Some may even wonder whether the benefits of personal data protection outweigh the administrative burden of returning to hard-copy records. But did you know that low-tech data can be just as easy, if not easier, to breach?
...
5 Tips for a More Secure Password
We are in an age of unprecedented digital technology and connectivity. As a result, businesses face an ever-increasing risk of cyber-attacks and security breaches. Just glance at the news to see how frequently such incidents occur. These attacks and breaches can be extremely costly and debilitate a business’s vitality and reputation. One of the most commonly exploited areas of a security system is the password. Attacks on passwords can occur physically on-site or through online brute-force attacks.
Consider the following five points to create and maintain a more secure password:
- Keep it long: The length of a password is...
U.S. Employer in Class Action Lawsuit Over Employee Privacy Recordkeeping Violations
Employees from Peacock Foods recently filed a class action suit against their employer. The group claims the company violated the Illinois Biometric Identifier Privacy Act. The employees say the company collected their fingerprints when they clocked in and out of work. They also claim the company didn’t follow the mandates meant to protect this information.
This Act requires private entities who collect biometric identifiers, such as iris scans, fingerprints, and even photos to create a written retention schedule. This schedule must be available to the public, specify why this data is collected, and include plans to destroy the records as...
Records Management Disaster Plan Development
Developing a Disaster Plan
Do you have a records management disaster plan? Headlines about natural disasters provide a stark reminder that we can’t control our environment. However, if we plan for disasters and assess risks, we can help ensure business continuity if disaster strikes.
To plan for disaster, analyze the different types of potential disasters and then prepare to mitigate loss. For a records manager, this means finding a way to limit interruption to vital records. It also means taking steps to mitigate the disaster’s impact to the records program.
Vital Records
...
We’re Celebrating Our 30th Year in Business!
Boise, ID — Zasio Enterprises, Inc. recently celebrated 30 years in records management and information governance (IG). Since 1987, founder and CEO Kevin Zasio has built and grown a company—and just as importantly, a team— that’s made a huge impact to IG programs of companies all over the world.
Zasio, Enterprises Inc. began as a Bay Area startup, where Kevin started the process of developing software that could manage the full storage-to-destruction life cycle of a company’s records. But it wasn’t just software Kevin had to consider. There were also federal, state, and international laws and regulations that laid out specific...
Solving the Medical Records Puzzle: Identifying Retention Requirements
Records retention is challenging for healthcare entities. The requirements are complex and there is a lack of harmony among state, federal, and accreditation requirements. State and federal regulations identify different documents you must maintain in a patient’s medical record and mandate different retention periods for the medical record.
Federal law typically requires the retention of medical records for five years. In contrast, states tend to mandate longer retention periods that average seven to ten years after a patient’s most recent visit. However, there are exceptions, such as Massachusetts, which requires the retention of medical records for at least twenty years....
Zasio Gifts Scholarship to San José State University School of Information
BOISE, ID — To celebrate 30 years in business, Zasio Enterprises, Inc. gifted a scholarship to the San José State University Masters in Archives and Records Administration Program. CEO Kevin Zasio presented the program with a scholarship to support the efforts of graduate students hoping to advance their education in the field.
Zasio, a records management and information governance software and consulting company, was founded in San José in 1987. Since the company achieved three decades in the industry, Kevin returned to his roots to gift the scholarship to the community that first supported it.
“Because almost every business creates,...
Proper Destruction of Records
When paper or electronic records have reached the end of their retention period, how do you appropriately destroy them? Below is a summary of common records destruction methods.
Paper Records
Confidential Information
- Shredding: Paper is cut into thin vertical strips (straight-cut shredding) or into vertical and horizontal confetti-like pieces (cross-cut shredding). Most non-confidential records can be straight-cut shredded. Cross-cut shredding is more appropriate for sensitive and confidential records.
- Pulping: Paper is reduced to fibers (pulp) by being mixed with water and chemicals. The pulp can then, in many cases, be recycled into other paper products.
- Pulverizing: Paper is reduced to small, fine particles (such...
Breaking Down Big Data: Challenges of Meeting De-identification Standards
Simply removing direct and indirect personal identifiers isn’t enough to achieve de-identification of a dataset. Data controllers must also analyze the context in which the data is presented, as well as the risk of re-identification. Not only that, but technical methods for performing de-identification are not prescribed by law, but rather are often left to the discretion of the data controller. So how do you limit risk of re-identification and respond quickly with appropriate technical methods of de-identification? And how do you meet de-identification standards?
This article focuses on the practical challenges of meeting de-identification standards, including both GDPR’s heightened standard for...
Poor Records Management May Lead to OIG Exclusions
The Office of Inspector General (OIG) has broad authority to exclude a healthcare organization from participating in federal healthcare programs (e.g. Medicare, Medicaid). Although exclusions commonly arise from violations of the False Claims Act and Anti-Kickback Statute, there are many other violations that could lead to a permissive exclusion. For instance, the OIG can request immediate access to inspect and copy certain records, and can exclude a healthcare entity for failure to produce the demanded records.
The OIG can demand immediate access to records and data in any medium to ensure compliance with federal healthcare program...
ZConnect
Stay up-to-date with Zasio
News and events
Product releases and updates
Conference and event announcements
"*" indicates required fields
Quick Links
Corporate Office
401 W. Front St.
Suite 305
Boise, ID 83702
(800) 513-1000
connect@zasio.com
A pioneer in information governance, we continue to expand our technology and consulting services to help businesses of all sizes maintain the highest records management and retention standards.