News & Events
Stay on top of the changing information governance landscape with expertly written blogs and industry-driven webinars by Zasio experts. Our case studies show how we’ve served every industry from pharmaceutical to utilities.
Solving the Medical Records Puzzle: Identifying Retention Requirements
Records retention is challenging for healthcare entities. The requirements are complex and there is a lack of harmony among state, federal, and accreditation requirements. State and federal regulations identify different documents you must maintain in a patient’s medical record and mandate different retention periods for the medical record.
Federal law typically requires the retention of medical records for five years. In contrast, states tend to mandate longer retention periods that average seven to ten years after a patient’s most recent visit. However, there are exceptions, such as Massachusetts, which requires the retention of medical records for at least twenty years....
Zasio Gifts Scholarship to San José State University School of Information
BOISE, ID — To celebrate 30 years in business, Zasio Enterprises, Inc. gifted a scholarship to the San José State University Masters in Archives and Records Administration Program. CEO Kevin Zasio presented the program with a scholarship to support the efforts of graduate students hoping to advance their education in the field.
Zasio, a records management and information governance software and consulting company, was founded in San José in 1987. Since the company achieved three decades in the industry, Kevin returned to his roots to gift the scholarship to the community that first supported it.
“Because almost every business creates,...
Proper Destruction of Records
When paper or electronic records have reached the end of their retention period, how do you appropriately destroy them? Below is a summary of common records destruction methods.
Paper Records
Confidential Information
- Shredding: Paper is cut into thin vertical strips (straight-cut shredding) or into vertical and horizontal confetti-like pieces (cross-cut shredding). Most non-confidential records can be straight-cut shredded. Cross-cut shredding is more appropriate for sensitive and confidential records.
- Pulping: Paper is reduced to fibers (pulp) by being mixed with water and chemicals. The pulp can then, in many cases, be recycled into other paper products.
- Pulverizing: Paper is reduced to small, fine particles (such...
Breaking Down Big Data: Challenges of Meeting De-identification Standards
Simply removing direct and indirect personal identifiers isn’t enough to achieve de-identification of a dataset. Data controllers must also analyze the context in which the data is presented, as well as the risk of re-identification. Not only that, but technical methods for performing de-identification are not prescribed by law, but rather are often left to the discretion of the data controller. So how do you limit risk of re-identification and respond quickly with appropriate technical methods of de-identification? And how do you meet de-identification standards?
This article focuses on the practical challenges of meeting de-identification standards, including both GDPR’s heightened standard for...
Poor Records Management May Lead to OIG Exclusions
The Office of Inspector General (OIG) has broad authority to exclude a healthcare organization from participating in federal healthcare programs (e.g. Medicare, Medicaid). Although exclusions commonly arise from violations of the False Claims Act and Anti-Kickback Statute, there are many other violations that could lead to a permissive exclusion. For instance, the OIG can request immediate access to inspect and copy certain records, and can exclude a healthcare entity for failure to produce the demanded records.
The OIG can demand immediate access to records and data in any medium to ensure compliance with federal healthcare program...
De-identification Standards to Protect Personal Information
Individuals value their privacy. In contrast, businesses value the ability to leverage personal information to deliver quality products and services to meet the needs of their clients. The legal standards that regulate the protection of personal information help bridge the gap between these two opposing interests.
This article addresses when to apply de-identification, the legal standards under specific regulations for de-identifying personal information, and the effect meeting such de-identification standards has on the use of the remaining data set.
The full article can be seen at ACC‘s (Association of Corporate Counsel) Docket Magazine here.
ARMA International Conference & Expo – Oct 15-16, 2017
This year, we’re celebrating our 30th year in business at the ARMA International Conference in Orlando, Florida on Oct 15-16. Celebrate with us, enrich your skills, and expand your network!
We know all about the evolving landscape of information governance (IG). In fact, we’ve been agents of change since the 80s, paving the way in records management and IG. We’ve walked clients through every stage of IG, from education and planning to implementation and maintenance.
We’ve invested 30 years of service to IG because we’re passionate about it. In all that time, we’ve helped hundreds of business not only get started in...
A Day in the Life of a Zasio Software Support Specialist
In the world we live in today, customer support is a requirement for most products or services we use for both business and personal reasons. At some point, we’ve all contacted customer support representatives. Those experiences probably ranged from, “I waited on hold for two hours, was transferred four times, and my issue still hasn’t been addressed…” to “Thank you for the great service, my reason for contacting support has been resolved.” A company may have great products and services, but a few bad experiences with customer support can cause us to take our business elsewhere.
As Zasio Software Support Specialists,...
How Do You Know How Long to Keep Your Records?
A company’s records retention schedule (RRS) needs proper retention periods for their records and information. So, what do these retention periods do? They help designate information you should retain and tell you how long to keep it. In fact, once you finalize and implement well-defined retention periods, they can help ensure you properly and consistently retain and dispose of information company-wide. If you don’t want to suffer the risks of non-compliance or over retention, you need to define solid and up-to-date retention periods.
There are several things to think about as you research appropriate RRS retention periods. The following are...
GDPR Compliance Prep for US Companies
The clock is ticking on the European Union’s new privacy law, the General Data Protection Regulation (GDPR). We’re less than one year away from when the GDPR comes into force, May 25, 2018. This new regulation imposes sweeping privacy protection requirements on any entities that oversee personal data operations or process personal data in the EU. This has the potential to impact companies on an international scale. The new requirements come hand-in-hand with a set of stiff penalties for non-compliance, including punishing fines that can soar to € 20 million or 4% of a company’s annual gross revenue.
Unfortunately, many...
ZConnect
Stay up-to-date with Zasio
News and events
Product releases and updates
Conference and event announcements
"*" indicates required fields
Quick Links
Corporate Office
401 W. Front St.
Suite 305
Boise, ID 83702
(800) 513-1000
connect@zasio.com
A pioneer in information governance, we continue to expand our technology and consulting services to help businesses of all sizes maintain the highest records management and retention standards.