Why Shred?

 

It’s the Law

 

There now are laws in place to protect consumers from identity theft. There is FACTA, Credit Report information; HIPPA, healthcare information and Gramm-Leach-Bliley law; financial information.

 

Every Business Has Information That Requires Destruction

 

All businesses have occasion to discard confidential data. Customers lists, price lists, sales statistics, drafts of bids and correspondence, and even memos, contain information about business activity which would interest any competitor. Every business is also entrusted with information that must be kept private. Employees and customers have the legal right to have this data protected. Without the proper safeguards, information ends up in the dumpster where it is readily, and legally, available to anybody. The trash is considered by business espionage professionals as the single most available source of competitive and private information from the average business. Any establishment that discards private and proprietary data without the benefit of destruction, exposes itself to the risk of criminal and civil prosecution, as well as the costly loss of business.

Internal Personnel Should Not be Responsible To Destroy Certain Information

Common sense dictates that payroll information and materials that involve labor relations or legal affairs, should not be entrusted to lower level employees for destruction. But, beyond that, competition sensitive information is best protected from them as well. It has been established, time and again, that employees are the most likely to realize the value of certain information to competitors. And, lower wage employees often have the economic incentive to capitalize on their access to it. The only acceptable alternatives are to have the materials destroyed under the supervision of upper management or by a carefully selected, high security service.

Recycling Is Not An Adequate Alternative For Information Destruction

 

There is no fiduciary responsibility inherent in the recycling scenario. Paper is given away or sold and, by doing so, a company gives up the right say in how it is handled. There is, also, no practical means of establishing the exact date that a record is destroyed. In the event of an audit or litigation, this could be a legal necessity. And, further, if something of a private nature does surface, the selection of this unsecured process could be interpreted as negligent. For all these reasons, the choice of recycling as means of information destruction is undesirable from a risk management perspective.
 If environmental responsibility is a concern, materials may be recycled after they are destroyed or a firm can contract a service that will destroy the materials under secure conditions before recycling them. Any recycling company that minimizes the need for security has its own interests in mind and should be avoided.

 

Stored Records Should Be Destroyed On A Regular Schedule

 

The period of time that business records are stored should be determined by a retention schedule that takes into consideration their useful value to the business and the governing legal requirements. No record should be kept longer than this retention period. By not adhering to a program or routinely destroying stored records, a company exhibits suspicious disposal practices that could be negatively construed in the event of litigation or audit. Also, the new >Federal Rule 26< requires that, in the event of a law suit, each party provide all relevant records to the opposing counsel  within 85 days of the defendants initial response. If either of the litigants does not fulfill this obligation, it will result in a summary finding against them. By destroying records according to a set schedule, a company appropriately limits the amount of
materials it must search through to comply with this law.

 

A Certificate Of Destruction Does Not Relieve A Company From Its Obligation To Keep Information Confidential

 

Any company contracting an information destruction service should require that it provide them with a signed testimonial, documenting the date that the materials were destroyed. The >certificate of destruction<, as it is commonly referred, is an important legal record of compliance with a retention schedule. It does not, however, effectively transfer the responsibility to maintain the confidentiality of the materials to the contractor.
If private information surfaces after the vendor accepts it, the court is bound to question the process by which the particular contractor was selected. Any company not showing due diligence in their selection of a contractor that is capable of providing the necessary security could be found negligent.

All Shred | 3102 South Meridian St. Suite N Indianapolis., Indiana 46217 | © 2010 | Privacy policy