Document Shredding & Legal Compliance
We live in a world run by data, and that data piles up in the form of mountains of paperwork. From receipts to medical records, eventually that data will need to be destroyed in order to protect sensitive information including birth dates, addresses and social security numbers.
Because of the highly personal nature of this information and the damage that can be done should it fall into nefarious hands, it's important that your business remains compliant with the laws and regulations regarding document destruction.
There are several laws that have been passed to govern the destruction of sensitive documents. Within the medical industry, HIPAA governs this; in credit, FACTA; and in banking, the GLAB. Each of these has specific requirements to ensure the sanctity of private information is not infringed upon.
With each of these, document shredding is at the core of protecting client information. Further, each of these recognizes that in the modern era, digital information is equally important and there are regulations in place to ensure that everything, from CDs to USB flash drives, is disposed of properly.
To help make navigating these regulations easier for businesses to comply with, the National Association for Information Destruction (NAID) has certified a list of companies that adhere to the regulations set forth by federal and state agencies. This certification ensures that the company you hire to dispose of your data will do so in a manner that maintains regulatory compliance.
Among the elements that go into certification by the NAID, bin sizes and disposal of shredded documents are both taken into account. In fact, there are six sizes that vary from standard strip-cut that's similar to the size used within many homes, all the way to "Level 6" which is small crosscut shreds no larger than confetti. Obviously, the more sensitive the documentation, the smaller the shredded size required.
Further, the most sensitive documents, such as those being disposed of under the rules of FACTA require that shredded documents be kept within a sealed and locked container prior to disposal. These containers can only be opened by authorized personnel. In these instances, the containers themselves are transported to the point of shredding where they are opened, emptied, shredded, and then the empty containers are returned.
Of course, the process doesn't end with the shredding of your sensitive documents. It's important to maintain a record of documents that were shredded. Indeed, your certificate of destruction helps cover you should sensitive information be leaked. To that end, NAID-certified companies will provide this record as proof that they have complied, and that you have complied. Thus, if you are ever audited, this certificate is like money in the bank.
As with any business, it's best to be proactive with your document disposal policies. By taking the proper steps and training your employees in proper data destruction policies, your business will never have to experience problems such as those that befell Anthem, Target, and many others over the past few years.
We invite you to contact UCI, a document shredding business in Amarillo and Lubbock, Texas, to learn more about our secure document shredding and disposal services. UCI is a member of the NAID and provides a certificate of destruction. In addition to destroying paper documents, we also have a hard drive shredder on site for e-waste, such as hard drives, discs, flash drives and more.
UCI will be happy to answer your questions and to tell you more about the methods we use to ensure that your sensitive documents are disposed of properly and in compliance with the laws and regulations applicable within the State of Texas.