How secure is your data?

Privacy and document security issues are becoming even more critical with the accountability requirements of the Affordable Care Act and regulations impacting financial services and other business sectors. That’s why Bacompt has contracted with Infotex, an objective, third-party auditor, to provide network monitoring, event log management, and incident response in compliance with FFIEC (Federal Financial Institutions Examination Council) guidelines.

Bacompt’s data security protocols include:

  • Third-party, 24/7 network monitoring
    • Intrusion prevention and detection systems
    • Log monitoring
    • Forensic documentation
  • Secure data transfer (SSL/SFTP)
  • Automatic data encryption whenever data is “at rest”
  • Scheduled password changes
  • Up-to-date antivirus software

Perhaps more importantly, third-party certifications qualify us for many government-regulated printing projects. Infotex employs methodologies, confirmation and analysis processes, and reporting procedures that comply with FFIEC guidelines as they pertain to the GLBA (Gramm-Leach-Bliley Act), the HIPAA (Health Insurance Portability and Accountability Act) Security Ruling, and ISACA (Information Systems Audit and Control Association) standards for auditing.

Infotex certifies that Bacompt is in compliance with the following:

  • Information Security Requirements of GLBA
  • HIPAA Security Ruling
  • Five steps of FISMA (Federal Information Security Management Act)

In addition, Bacompt has contracted with Infotex to provide biennial Information Technology Security and Compliance Audits. The complete Compliance Attestation Report is available upon request.


Postage savings, part two: ACS and ARS. #IPD17

The cost of inaccurate addresses can impact your organization in so many ways, from annoying the intended recipient and losing valuable time, to hard dollar losses in printing and postage fees. In addition to the presort and automation efficiencies Bacompt offers, our clients also save significantly from our extensive tools to improve delivery accuracy.

ReturnAAddress Change Service.

ACS is an electronic enhancement that centralizes, automates, and improves the process of providing address correction or reason for non-delivery notices. Bacompt consolidates this with additional information added to the USPS interface Intelligent Mail Barcode (IMb).

The barcode now includes three new data fields that enable the USPS to provide additional services:

  • Service type ID: returned mail
  • Mailer ID: identifies Bacompt as the creator of the mail piece
  • Serial Number: uniquely identifies each mail piece

Moreover, we pull and process list data daily. From this, we can reformat and import electronic records back into our customers’ databases for their own list hygiene and use.

ReturnBAddress Resolution Service.

Many address records revealed as “broken” by USPS CASS™ and DPV™ processing can be repaired and returned to mailing for prompt and efficient delivery. With ARS, Bacompt can put these “bad” addresses to good use by employing state-of-the-art technology for easy re-integration with your mailing lists.

Historically, you’ve had two choices for mail displaying only a 5-digit zip code:

  • Omit records from the job, which will save printing and postage
  • Mail anyway, which will draw higher postage and risk never being delivered

Our software gives you a third choice, “none of the above.” ARS can restore these “undeliverable as addressed” records to peak 9-digit deliverability with a typical success rate of 30 percent, sometimes much higher. You’ll reduce your undeliverable mail without sacrificing potentially profitable addresses in the process.

Give us a call to discuss how we can improve the deliverability of your mailings, saving you wasted postage fees.



Insert integrity — how much is enough? #IPD16

The ability to irrefutably account for the creation, processing, and delivery of a document can make a critical difference when legally sensitive material is being handled. While others may present lesser alternatives, our clients rest assured in the knowledge they have chosen a partner that provides the ultimate assurance level of inserting integrity. To help assist you in understanding the integrity level of your inserted mail, we’ve developed a simple comparison chart outlining the degree of diligence applied at each level of integrity.

Insert Integrity

Top-level integrity: Two barcodes applied to documents during print file generation allow each piece of mail to be tracked individually during print, assembly, and mailing through the USPS. Camera matching technology is employed to read and reconcile a sequential number on each mailer. Closed loop quality control process ensures manually handled mailpieces are fully accounted for.

High integrity: Using file-based technology, each piece of mail is tracked through the print and assembly process via an intelligent insert barcode and a mail run file that accounts for each piece during processing. With this system, customers can see when a mail piece was processed and if any pieces were processed manually.

Moderate integrity: This basic level of integrity requires an intelligent barcode that drives the insert machine. This barcode helps to ensure pages for each client are kept separate. Piece counts are also required for this level of integrity so customers can be contacted if the number of mail pieces generated doesn’t match number of pieces inserted.

Minimal integrity: Only provides piece count verification and OCR recognition. This non-intelligent or non-barcoded type of processing does not allow for collation or tracking.

Bacompt understands how important quality assurance is to our clients. Contact us for a consultation on matching the right program to your mailing requirements.


Postage savings, part one: presorting.

Regardless of what happens with future postal rate rulings, you want to pay as little as possible in postage. Choosing a mailing service that is fully integrated with the USPS can result in streamlined processes and savings. This can mean up to $0.099 less in postage for a one-ounce letter-size envelope.

Another way to save is to eliminate wasted postage on returned mail by scrubbing your database with software such as state-of-the-art, OpteSort mail manager software by NPI.

Additionally, today’s multi-line optical character readers (MLOCRs) automatically barcode and sort both letter-size and flat-size envelopes. By using e-forward technology, the MLOCR reads the delivery address as the mail is processed at speeds of up to 40,000 pieces per hour. If it detects that a change of address has been submitted through the USPS, the MLOCR applies the new address directly above the intelligent mail barcode, resulting in delivery to the new address without delay.

Bacompt employs all of these strategies and more.

We make sure your mail is entered into the postal stream within 24 hours. And our sorters are networked together, combining the mail from each sorter into one mailing to achieve greater saturation levels that further increase postage savings.

Give us a call to discuss how we can save you a big chunk of change on postage.

The future of postage rates.

The USPS recently announced at their Mailer’s Technical Advisory Committee (MTAC) meetings that it will not file for a postage rate increase for 2016 on market-dominant products. The main reason is that the annual consumer price index (which is currently low) dictates postage increases under the Postal Reform Act.

And it only gets better. We could actually see a postage decrease soon when the 4.3 percent exigency rate increase of 2013 reaches $1.91 billion — what the USPS was allowed to recoup through an earlier DC Court of Appeals ruling meant to offset losses the USPS suffered during the recession.


Study on data breach preparedness.

A recent report is available online titled “Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness.” The report was conducted by Ponemon Institute and sponsored by Experian® Data Breach Resolution.

Some of the more interesting findings include:

• Data breaches are increasing in frequency. In 2013, the study showed 33 percent of respondents had a data breach involving loss or theft of more than 1000 records containing sensitive information. In 2014, that number rose to 43 percent.

• 68 percent of respondents do not agree that their organizations understand what needs to be done following a material data breach to prevent negative public opinion, blog posts, and media reports.

• 67 percent of respondents do not agree that their organizations understand what needs to be done following a material data breach to prevent the loss of customers’ and business partners’ trust and confidence.

• 62 percent of respondents do not agree that that their organizations are prepared to respond to a data breach involving business confidential information and intellectual property.

• 49 percent of respondents do not agree that their organizations are prepared to respond to the theft of sensitive and confidential information that requires notification to victims and regulators.

You can read the full report here.

Annual Report to Congress on Breaches of Unsecured Protected Health Information

By Christine Zoccola, guest columnist and attorney with Bose McKinney & Evans LLP, Indianapolis, IN

Each year, the Secretary of Health and Human Services submits to Congress an annual report containing the number and nature of breaches of unsecured protected health information reported to the Office of Civil Rights (“OCR”) as required by the Health Insurance Portability and Accountability Act (“HIPAA”), and the actions taken in response to those breaches (“Report”). The Report is submitted to the Senate Committee on Finance, the Senate Committee on Health, Education, Labor, and Pensions, the House Committee on Ways and Means, and the House Committee on Energy and Commerce. The most recent Report provides information for the breaches reported to the OCR that occurred in calendar years 2011 and 2012, as well as provides some cumulative data on breaches reported since September 23, 2009.

The Report addresses large breaches and smaller breaches separately. Large breaches involve 500 or more individuals and notification to the OCR of a large breach must occur contemporaneously with the notice to the affected individuals. For 2011, the OCR received 236 reports of large breaches which affected approximately 11,415,185 individuals. For large breaches occurring in 2012, the OCR received 222 reports, which affected approximately 3,273,735 individuals. Cumulatively, from September 23, 2009, through December 31, 2012, the OCR received 710 reports of large breaches affecting a total of approximately 22.5 million individuals.

Of the 236 large breaches in 2011, OCR received 150 reports of breaches occurring at health care providers, 23 at health plans, and 63 at business associates. Theft and loss of protected health information were the most common causes of large breaches occurring in 2011. Of the 222 breaches in 2012, there were 150 reports of breaches occurring at health care providers, 55 at health plans, 16 at business associates, and 1 report of a breach at a healthcare clearinghouse. In 2012, theft and hacking/IT incidents were the top causes of large breaches.

Breaches of unsecured protected health information affecting less than 500 individuals are to be reported to the OCR no later than 60 days after the end of the calendar year in which the breaches are discovered. For 2011, the OCR received approximately 25,705 reports of smaller breaches affecting approximately 151,605 individuals. For 2012, the OCR received approximately 21,194 reports of smaller breaches affecting approximately 165,135 individuals. Several of the reports for 2011 and 2012 involved misdirected communication where for example, clinical or claims records of one individual was mistakenly mailed or faxed to another individual or where test results were sent to the wrong individual.

For more information, the Report can be found here.

Reprinted with permission from Bose McKinney & Evans LLP, Indianapolis, Indiana.
© 2014 Bose McKinney & Evans LLP

For more information about the topics presented, contact your attorney or the author of this article.  The information in this article should not be construed as legal advice and does not constitute an attorney/client relationship. Remember, laws vary state-to-state, so consult with a local attorney on state specific issues.