5 Important Information Destruction Rules to Follow
1. Don’t Mishandle Information
Personally Identifiable Information (PII) legislation requires businesses to have reasonable security procedures in place for data disposal and safeguards to protect and dispose of every bit of information that can be traced to a specific individual. Any information that is generated by your business must be protected from the time it is created to the time it is destroyed. This legislation supports the 1974 Privacy Act, which offers every client the right to privacy and leaves the responsibility on the shoulders of businesses that possess and handle client information.
2. Dispose of Paper Documents Responsibly
The average office worker uses roughly 10,000 sheets of copy paper each year. Much of that paper will have printed information on it that must be disposed of at the end of its life. But how do you decide which documents should be shredded and which can be thrown in the garbage or recycle bin? Simple: shred everything. This includes receipts, prescription labels, boarding passes, resumes, mail, announcements, and financial statements. By shredding everything, you will remove all possibility of your information being stolen for the purpose of criminal activity.
Paper needs to be shredded in a manner that prevents reconstruction. The Fair and Accurate Credit Transaction Act (FACTA) says that companies that fail to properly dispose of sensitive information will be held responsible. Keeping information confidential from the time it is created to the time it is destroyed, a.k.a. “cradle to grave,” is vital.
3. Destroy Data Properly
According to a National Association for Information Destruction (NAID) study, 40% of used media devices sold on the second-hand market had PII found on them. There are many ways to attempt to erase or remove data from hard drives, but there is no better guarantee of total security than having them destroyed by a professional shredding company.
The Computer Fraud and Abuse Act (CFAA) explains how the disposal of digital documents must be legally handled, and a reputable shredding company will ensure the data on your USB drives, hard drives, backup tapes, CDs, DVDs, and Blu-rays is completely unrecoverable.
4. Document Retention Periods Must Be Observed
It is required by law that you retain client, employee, and company information for a minimum amount of time which varies depending on the type of document. But what happens once that date has passed? Many documents eventually outlive their purpose, and if you hold on to them beyond their required retention date, you risk a security breach and non-compliance with today’s privacy legislation.
The length of the retention period depends on the type of your business and the lifecycle of your documents. They could also differ depending on dates the retention periods are calculated from. Reference federal, state, or local laws to ensure you are destroying outdated documents at the right time.
5. Work with A Professional Shredding Company
Incorporating the first four information destruction rules is much more achievable if you seek the services of a professional, compliant, and secure shredding provider. They are trained to handle your information securely and can destroy your documents and media beyond recognition. They are well trained in and knowledgeable of local, state, and federal laws as it pertains to information destruction. Your business, clients and staff will benefit from outsourcing your information destruction.
GreenServ was founded by Mississippi natives. We provide destruction services throughout Mississippi, Louisiana, and Tennessee, including one-time purge paper shredding, scheduled paper shredding, and media shredding. To tell us about your specific destruction needs, please give us a call at 662-533-0940 or complete the form on this page.