Category Archives: Maxxum News

Maxxum Insured by Downstream Data Coverage

March 8, 2016

Downstream Data Coverage

Maxxum has always taken our responsibilities as a secure data destruction service provider very seriously. It’s why we’re proud to be AAA NAID certified—a program that establishes standards for secure data and equipment destruction processes.

These NAID (National Association for Information Destruction) standards include:

  • Operational Security
  • Employee Hiring and Screening
  • Audited by Independent 3rd Party
  • Documented Process
  • Data Destruction Insurance (best practices)

Maxxum passed a strict audit to become NAID AAA certified and has agreed to not only be recertified every year, but must pass random audits during the course of the year.

Working with an asset disposal company that is NAID AAA certified should first and foremost bring peace of mind to an organization. With data breaches and information theft making headlines far too often, it’s a HUGE relief for companies to partner with an organization like Maxxum, who will make sure they receive documented transfer of custody and indemnification from their technology assets.

Ensuring Data Security One Step Further with Downstream Data Coverage

Maxxum is now taking that piece of mind one step further for their customers as a “best practices” initiative. We’re now insured by Downstream Data Coverage, the only professional liability coverage developed specifically by NAID for data destruction services.

From the Downstream Data Coverage website:

“Data-related service providers obtain professional liability insurance to protect themselves and to ensure they can cover their financial liabilities to their clients.  When a service provider purchases an inadequate professional liability policy, they not only put themselves at risk, they also leave their customer exposed.  Downstream Data Coverage seeks to make sure that doesn’t happen.”

This specialized policy addresses many of the shortcomings of standard professional liability coverage that leave service providers and their customers at risk.

Downstream Data Coverage is only available to service providers that are subject to the routine announced and unannounced audits of NAID AAA certification. This means that not only is the service protecting the customer with quality professional liability insurance, the service provider is also operating under the scrutiny of outside auditors trained specifically for that purpose.

Too many technology asset destruction service providers rely on off-the-shelf professional liability coverage because they had no other alternatives. Many times that coverage still leaves companies without the full coverage they seek.

Many customers remain at risk, because their service provider would not be able to effectively cover their liability. At Maxxum, we are proud to ensure our processes meet the high standards needed for proper technology asset disposal and data destruction; with Downstream Data Coverage, we’ve just taken it one step further.

Maxxum Conducts Tech Disposal Research Study

February 3, 2016

tech disposal research study

Maxxum recently conducted a tech disposal research study with a simple objective in mind: We wanted to understand your world and how we can make technology disposal easier and safer given the challenges you face in today’s digital environment.

The overriding result of this study revealed that organizations still engage in risky technology disposal behavior, even as data breaches continue to increase in frequency and severity. We were quite happy to find that Maxxum customers rate our services more positively as compared to other technology companies, especially in the key areas of recycling, security, and compliance— which are cited as the most meaningful to organizations.

In this ever-evolving digital age it’s increasingly important to dispose of technology assets using a safe and compliant program. At Maxxum, we’re committed to helping you retire your technology in a documented, secure, and sustainable way.

Tech Disposal Research Proves the Importance of Proper Asset Disposal

Our tech disposal research study gathered responses from highly regulated/risk adverse organizations including health care, insurance, medical device MFG, financial services and education.

The most alarming data uncovered from our research is that 40 percent of respondents stated that they use disposal methods outside of a professional tech disposal service, including equipment donations and giving away old computers, monitors, etc. to employees. Just because your office is done with a computer, that doesn’t mean the secure information it holds isn’t still available.

We stress to our clients and say elsewhere here on our website: You may be vulnerable to legal ramifications if you don’t dispose of your data and drive assets properly. If your sensitive data leaks, you’ll have to answer to the law and your customers.

As one might expect, the most important elements for organizations, the key drivers, are: process and documents, recycling and reuse and security at destination. We’re happy to report that Maxxum customers ranked our service particularly high in those three areas versus other companies.

To see more of the tech disposal research study survey results, contact us for a copy of our white paper.

Refreshing Your Tech? Know Your Risk

September 15, 2015

Risk Calculator

Is your company refreshing its technology assets? In this day and age of data theft, it’s important for you and your company to know that your data doesn’t die simply because it’s unplugged and leaves the building. Cyber-attacks and data breach stories are grabbing too many headlines lately, and if you’re not worried about how you’re disposing of your used technology assets – you should be.

Pop culture has grabbed on and glorified cyber hacking and stolen data with television shows like CSI: Cyber and this summer’s smash cable hit, Mr. Robot.

Data thieves are the modern-day pickpockets, but they don’t need to get close to you. They can steal your information from a laptop in their living room, or by harvesting data you thought was erased by purchasing computers once used by your business.

So we’ll ask again, is your company refreshing its technology assets? Maxxum is here to help. Fill out our quick risk-assessment form that’s designed to help you understand your organization’s potential risk as it relates to technology disposal and asset disposal.

When completed, you will be provided with a score and a recommendation. Maxxum is in the business of maintaining privacy and protecting your information. You can be certain that information collected for this risk assessment will remain confidential and will not be shared with anyone outside our company.

Be Social | #ChooseMaxxum

Maxxum Facebook   Maxxum LinkedInMaxxum Google+  Maxxum Twitter

It’s Earth Month!

April 1, 2015

Today is the beginning of Earth Month!

EarthDayMonth2_04.01
Yes, I said that right, Earth Month. Although some people only recognize Earth Day, on April 22nd, we want to encourage everyone to celebrate our Earth everyday. We understand that a lot of people don’t know what they can or should recycle, how they can reduce or reuse items they’d otherwise throw away, or the human and environmental health risks those certain items are causing when not properly disposed of. We are here to help make the world a better place and show that you can help too. Join us in making Earth Day/Month into part of your everyday lives because here at Maxxum, everyday is an Earth Day. Let’s celebrate!

Keep checking back with us to see how we’re changing the world and how you can help.

 

Community Health Systems faces data-breach class action

October 15, 2014

By Darius Tahir 

Posted: October 13, 2014 – 2:30 pm ET

Community Health Systems, the 207-hospital, 29-state operator, is facing a class-action lawsuit brought by a New Mexico woman, Briana Brito, over a data breach it reported Aug. 18.

The suit, filed in the 4th Judicial District Court in San Miguel County in New Mexico, is being handled by law firms Slack & Davis and the Branch Law Firm, which are meeting with additional potential class representatives in Las Vegas, N.M., on Oct. 15, and have fielded inquiries from other patients based in six other states interested in joining the lawsuit, Slack & Davis attorney Paula Knippa said in an interview.

Brito and her family contend in the suit (PDF) that they were treated at Alta Vista Regional Hospital, Las Vegas, N.M., at the time the breach took place. “As a result of defendants’ failure to implement and follow basic security procedures, plaintiff’s sensitive information is now in the hand of thieves,” according to the suit. The suit does not ask for a specific dollar amount in damages, but instead calls on a jury to determine that at trial.

A CHS spokeswoman declined to comment on the lawsuit, per company policy on pending lawsuits. Opposing attorney Knippa expects a formal response to be filed to his complaint by the end of the month.

The breach was a massive one: 4.5 million patient records were exposed, making it the second largest in HHS’ records, which date to 1997.

According to a CHS SEC filing describing the breach, the hack likely originated from China and focused on valuable non-clinical, non-medical data, such as “patient names, addresses, birthdates, telephone numbers and Social Security numbers.”

Hackers struck in April and June 2014. CHS offered identity theft protections to affected individuals.

CHS’ SEC filing anticipates the possibility of litigation, but does not expect it to have a material effect on its finances.

The law firms also are starting a national campaign, primarily on television, to alert potentially affected individuals about the data breach and potentially recruit them as clients as well.

The focus of the existing suit will likely be on Community Health Systems’ security procedures and the operator’s alleged tardiness in alerting patients about the dangers of the data breach, Knippa said.

“It’s uncertain at what point that information will be exploited. The problem is that personal information doesn’t change. The repercussions of this event could be felt for years,” she said.

Maxxum Recertified as a NAID® AAA Information Destruction Operations Provider

August 4, 2014

NAID-AAA-CertLOGO

 

Recertification and new leading-edge service offerings help organizations satisfy rigorous electronic information protection and data destruction requirements

Minneapolis / St. Paul., MN – Maxxum Inc., a leading IT asset disposition solutions provider, has been recertified as a NAID® (National Association for Information Destruction) AAA Certified provider of Asset Disposition services – namely computer hard drive sanitization, as well as mobile and plant-based physical destruction of hard drives. The NAID AAA Certification Program establishes stringent standards for a secure information destruction process, including such areas as operational security, employee hiring and screening, documented processes responsible disposal and insurance. Working with a NAID AAA certified vendor gives organizations peace of mind know that all of their information destruction legal requirements are satisfied.

“Data protection and destruction is an increasingly significant and complex issue for our clients, and with NAID AAA Certified asset disposition services and other leading edge data security services Maxxum is well positioned to help these organizations protect their sensitive information while satisfying rigorous regulatory requirements,” says Rich Woodward, president and owner, Maxxum.

The enforcement of data privacy laws, often accompanied by significant fines, is becoming more prevalent, and over the past two years Maxxum’s client base has grown some 30 to 40 percent as organizations look for help not just with satisfying data destruction requirements, but establishing sound policies and procedures to keep sensitive data secure throughout the IT lifecycle.

“Where two years ago most of our clients were based in the Upper Midwest, today we work with organizations throughout the United States and even into Canada, providing a variety of value-added services to help them efficiently and effectively solve diverse data and IT equipment protection needs,” says Woodward. “We’ve also hired additional personnel to help keep pace with the growing demand for service.”

About NAID

NAID is the non-profit trade organization of the secure destruction industry. Founded in 1994, its mission is to promote proper destruction of all forms of discarded media containing personal and proprietary information. NAID has forged strong relationships internationally with policymakers and regulators, produces an extensive catalog of guidance publications, and enforces security standards for the secure destruction industry around the world.

About Maxxum

With secure, modern facilities located near Minneapolis/St. Paul, Minnesota, Maxxum is an IT lifecycle management consulting firm that works with a strong network of clients, suppliers, and recyclers to provide cost effective IT Asset Disposition solutions throughout North America.

As a NAID AAA Certified entity, Maxxum is committed to providing the best customer service in the industry. As IT lifecycle management consultants, every program Maxxum creates is fully customized to meet the specific needs of each client. Maxxum uses industry best practices to sanitize computers and information hearing devices, complete with Certifications of Destruction, as outlined by the Department of Defense Data Security Standard and the National Institute of Standards & Technology (NIST) Guidelines. Maxxum has a strict no-landfill policy.

Maxxum Inc., 1350 South Field Avenue, Rush City, MN 55069; 651-674-2715; www.maxxuminc.com.

Maxxum’s New CTO Eyes Healthcare and Other Markets

Plans to expand the company’s Secure IT Asset Disposal expertise

Minneapolis, MN — October 3, 2013 — Maxxum, Inc., a regional leader in Secure IT Asset Disposal services, today announced that Ray Davey has joined the company as its Chief Technology Officer. Davey’s charter is to further develop the company’s product and service capabilities, define technology strategies, and provide technical oversight for company operations.

Rich Woodward, Maxxum’s CEO, explains, “Ray’s IT leadership experience and deep understanding of business strategy are great assets to the company. We’ve grown nicely over the past 16 years; with Ray’s focus on new product and service development, aimed at strategic vertical markets, we expect to increase our value to clients.”

Davey has spent more than 20 years with technology and professional services companies like Hewlett-Packard, EDS, Cap Gemini, ESP, and Lorton Data. During his recent tenure at Lorton Data, the company deployed a first-to-market cloud-based product suite that garnered industry recognition for technology innovation.

“Maxxum is the last link in a chain of custody for sensitive data such as Protected Health Information (PHI) and other equipment-bound proprietary material. The number of devices storing information using non-volatile technology is growing at an alarming rate” states Davey. “Responsible entities must implement strategies to prevent unintentional data breaches when devices and equipment reach end-of-life. It’s my job to help Maxxum’s clients manage this risk by providing best-in-class secure data disposal services,” he continued.

Be Indemnified against IT Security and Financial Risk with MaxxumSAFE Web-Based Compliance Tool

April 14, 2014

“Paperless paper trail” provides proof of process and compliance related to data destruction and environmental disposal regulatory requirements.

MINNEAPOLIS & ST. PAUL, Minn.–(BUSINESS WIRE)–Maxxum Inc., a leading IT asset disposal solutions provider, introduces MaxxumSAFE™ – a web-based document repository and project management tool that provides Maxxum clients with proper exit documentation and ready access to complete information on all end-of-life equipment records by date, location or equipment type. MaxxumSAFE provides proof of compliance to indemnify organizations against IT security and financial risk, and can only be accessed by authorized personnel.

“MaxxumSAFE is essentially a ‘paperless paper trail’ hosted by a third party Tier One US Internet provider that provides proof of process and compliance, in response to regulatory requirements for both data destruction and environmental disposal,” says Rich Woodward, President and CEO, Maxxum, Inc. “Being able to quickly access organized and sortable information can prove absolutely invaluable when during an audit, when proving compliance is critical.”

Maxxum Receives NAID® AAA Certification for Information Destruction Operations

December 11, 2013

Organizations who work with a NAID AAA Certified vendor have peace of mind knowing that all of their information destruction legal requirements are satisfied

RUSH CITY, MN – Maxxum Inc., a leading Midwest IT asset disposal solutions provider, has received NAID® AAA Certification for the company’s  asset disposal operations. The NAID (National Association for Information Destruction, Inc.) AAA Certification Program establishes standards for a secure information destruction process, including such areas as operational security, employee hiring and screening, responsible disposal and insurance.

Most developed nations have information protection laws and regulations that require written information protection procedures – including a written process for selecting a qualified and reputable data destruction vendor. Specifying a NAID AAA Certified information destruction vendor necessarily establishes that criteria, effectively satisfying that legal requirement. Where regulations require ongoing verification of vendor compliance, NAID AAA Certification satisfies that requirement too. Choosing to work with a non-NAID AAA Certified information destruction provider requires the organization to develop some other written and verifiable criteria from scratch.

“It’s not enough to simply obey government regulations – organizations have to prove compliance, which is the Achilles heel of most company’s data destruction, IT disposal, and recycling plans. Maxxum works with corporations, educational organizations, and governmental entities to provide customized data sanitization and IT asset disposal services in accordance with NAID AAA certification. Maxxum assures clients remain fully compliant with all laws and regulations, and provide them with the information to prove compliance.”

NAID AAA Certified service providers subject themselves to intense scrutiny and system verification because they are committed to their customers’ peace of mind. An organization that makes a single mistake in disposing of its PC’s and other electronic assets can easily cost millions of dollars in legal fees, penalties, and lost business, as well as severely tarnish the reputation of the organization. As a NAID AAA Certified service provider, Maxxum tailors hassle-free IT life-cycle management programs that maximize return-on-investment and minimizes cost, and indemnifies the company’s clients against liability.