creating an information destruction policy

Increasing attention to information protection and, more specifically, recent state and federal regulations, require that all organizations have written policies and procedures to protect personal information.

Proper information destruction is among those aspects of data protection that are receiving the most attention from policy makers.  Improperly discarded personal information is one of the leading causes of privacy violations and identity theft.  As a result, laws now necessitate that such information be properly destroyed when discarded.  These same laws also mandate that policies and procedures for destroying discarded information be established in writing.

Documenting the policies and procedures governing an organization's proper information disposal is important not only to establish that employees are given sufficient direction, but also to assure regulators, as well as customers, that the organization recognizes, practices and enforces their responsibilities.

Without such written policies and procedures, an organization runs the likely risk of being found negligent in demonstrating the ability to properly train employees.  Lack of written policies demonstrates that the organization is not adequately attempting to comply with its overall information protection duties.

SecurShred representatives have completed Compliance Toolkit Training by the National Association for Information Destruction (NAID).  Only professionals that have completed this training can use the Compliance Toolkit information in assisting organizations with the writing of policies and procedures for proper information disposal.  Contact us for more information or to set-up your consultation.