Shredding is one of the best ways to combat identity theft and business fraud. Still, there are several rules to follow when destroying sensitive personal, financial and medical information. Here are several shredding and destruction best practices to use in your organization:
When in Doubt, Destroy
Too many organizations get into trouble by tossing confidential information into recycling bins. You can eliminate this problem by implementing a “shred everything” rule in your company. When you outsource your shredding to a qualified partner, your documents are shredded first and then recycled.
Because office shredders are cumbersome to use and prone to breakdowns, confidential documents can go days or weeks before being destroyed. And the longer you wait to destroy confidential information, the greater the risk of a privacy breach.
With an outsourced shredding solution, locked collection containers are delivered to your office free of charge. Your employees simply drop confidential files through the slot quickly and easily. On a scheduled or on-demand basis, the contents of your collection containers are picked up by a screened service technician and destroyed on-site at your facility or securely transported off site for destruction at a shredding plant.
Destroy Media the Right Way
Erasing or reformatting your hard drives or tapes doesn’t guarantee your data won’t be stolen and misused. With a little know-how, thieves can still extract sensitive information from media storage devices. Only physical destruction of the drive renders it completely inoperable so data can’t be extracted.
A professional media destruction service combines several steps to ensure the data on retired storage media is completely irretrievable. First, the media is degaussed and eradicated, erasing all data from the device. Second, a delamination process is used to separate the data-bearing material from the disc. Finally, the media is ground into small particles. Together, these processes eliminate the chance of your data becoming compromised.
Keep in mind that not all shredding and destruction providers integrate degaussing, delamination and grinding into their destruction process, so be sure to choose a vendor that incorporates these steps.
Demand Verification and Documentation
HIPAA, FACTA, SOX, GLB and GA Senate Bill 425 all contain provisions requiring businesses to verify their information destruction processes. However, using an office shredder to destroy confidential documents doesn’t offer a verifiable record of regulatory compliance.
Only outsourced shredding and destruction offers official verification and documentation. A Certificate of Destruction issued by your shredding partner notes the time, date and method of destruction. This document verifies your company’s due diligence with state and federal regulations regarding the disposal of sensitive personal, financial and medical information.
When it comes to shredding and destroying your organization’s information, keep these best practices in mind.
Records Management Center provides professional shredding and destruction solutions for businesses throughout Augusta, Evans, Thomson, and Martinez, GA, and Aiken, SC and the Central Savannah River Area. For more information, please contact us by phone or complete the form on this page.