Data Retention Compliance: Document Shredding

You may be responsible for your company’s document retention and destruction. Here you will learn about data retention compliance and document shredding services.

To help comply with document retention and privacy laws and regulations, you may contract with a vendor specializing in document destruction, such as document shredding service Boston.

Data Retention Compliance

There are federal, state, local, and international data retention and privacy laws and regulations, including HIPAA’s PHI or personal health information, GLBA’s and SOX’s financial records, FACTA’s PII or consumer personally identifiable information, European Union’s GDPR, industry-specific, and company-wide regulations.

Your business may have internal, confidential, and secret data. The type of data to be destroyed dictates the level of security needed in data destruction. You may need to follow one of DIN’s seven shredding security standards. DIN P-4 through P-6 are FACTA compliant, and P-7 is NSA top-secret compliant. Shredders may cut papers using strip-cut, particle-cut, cross-cut, and pierce-and-tear methods, each providing a different level of security.

Document Shredding Services

Document destruction vendors may provide on-site or off-site shredding services. Typically, a mobile GPS-tracked, camera-equipped document shredding truck comes to your location during an on-site service. The driver securely transports your documents to the truck and stays on site while your documents are being shredded inside the truck’s industrial paper shredder.

For off-site shredding, the driver securely loads your documents onto the truck and takes them to a facility to be shredded. A chain of custody for transporting, storing, and shredding is documented.

A Certificate of Destruction is provided after shredding completion. A CoD provides documentation for audits and may include your business contact, company name, address, date, time, location, and type of shredding.

The vendor may charge you based on a fee per box, per shredding bin, per hour on-site, or per pound, plus administrative charges.

Contracting with a licensed, bonded, insured, and NAID AAA-certified vendor would be good. NAID sets industry standards for information destruction and is part of the International Secure Information Governance & Management Association.

Vendors may create bales of shreds and take them to a paper mill recycling plant for disposal.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.