Why Process and Verification Matters in Information Disposal

When you consider the need to have paper or media destroyed, you often just think of the simple physical task of shredding these materials with heavy-duty equipment. But the ability to make that happen involves many less-obvious procedures which are implemented to keep that information secure.

NAID AAA Certification

The National Association for Information Destruction (NAID) actively promotes the information destruction industry and sets standards and ethics for this purpose. Anyone that produces Personally Identifiable Information (PII) and chooses a NAID AAA Certified company to handle their sensitive material, can be confident that the handling of their sensitive information from creation to destruction will be legally compliant.

A paper and media destruction company that is NAID AAA Certified had to pass an initial audit plus ongoing, unannounced audits conducted by a third-party Certified Protection Professional (CPP®) accredited by the American Society for Industrial Security International (ASIS). Several areas are assessed during the audit, including:

Facility and Operational Security

Your shredding provider’s operations, facility, and staff must be secure in order to receive NAID AAA Certification. Access to sensitive and confidential materials be restricted to authorized individuals. Document collection containers for shredding must be secure. To protect your information from unauthorized access, shredding technicians should be background-screened prior to hiring and adhere to a strict chain-of-custody protocol. This is necessary to ensure information protection for your information from creation to destruction.

Employee Hiring Practices

NAID AAA Certification requires that your shredding provider’s employees meet specific minimum educational requirements, sign confidentiality agreements, and undergo drug testing, strict background checks, and credit report checks. These are all done to achieve a high level of security when handling your sensitive documents.

Compliance with Federal and State Laws

This is non-negotiable when offering secure shredding services to the public. Understanding and adherence to the following laws is a must for a NAID AAA Certified shredding provider:

  • The Health Insurance Portability and Accountability Act (HIPAA), which regulates personal health information
  • The Fair and Accurate Credit Transaction Act (FACTA), which puts responsibility on those who handle sensitive documents
  • The Gramm-Leach-Bliley Act (GLB), which focuses on financial and insurance institutions
  • The Family Educational Rights and Privacy Act (FERPA), which protects the privacy of student education and parent records
  • The Sarbanes-Oxley Act (SOX), which sets the minimum retention time prior to shredding of documents

Insurance Requirements

Insurance which covers you and your shredding provider is required for a NAID AAA Certified shredding company. The insurance should cover damages incurredin case of theft, accidental release of confidential information, mobile shredding equipment damage, destroying the wrong documents, and fraudulent or criminal employee acts.

Destruction Processes

NAID AAA Certification requires that your shredding provider meets strict requirements for the manner in which discarded documents and media are picked up, dropped off, shredded on-site, the schedule and method of destruction, and the recycling process the shredded paper or media undergoes.

Confirmation of destruction is an important and final part of the professional shredding process. This is done by issuing a Certificate of Destruction to you, which states that all shredding has been securely carried out. The certificate should include the date and location of destruction, witness information, and a transaction number. This certificate provides you with legal proof that your records have been destroyed in accordance with legal requirements, and can be used to show compliance with HIPPA, FACTA, SOX and GLB.

Ensuring the privacy of your business and client data is the main reason for undergoing the NAID AAA Certification process and ongoing re-certification.

Richards & Richards is a NAID AAA Certified paper and media destruction company that serves the Nashville area. For more information, please give us a call at 615-242-9600 or complete the form on this page.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Request an Immediate Shredding Quote

  • This field is for validation purposes and should be left unchanged.

Newsletter Signup

  • This field is for validation purposes and should be left unchanged.