Personal Shredders: Should Your Client’s Legal Information Sit Under Your Desk?
If your company deals in any kind of PII (Personally Identifying Information), you are now subject to much higher scrutiny than ever before. Every state in the US, to varying degrees of severity, has adopted a law regarding the protection and regulation of PII for any company (small, medium or large). In the state of Alabama, the Alabama Data Breach Notification Act just went into effect on June 1, 2018, and the consequences for not complying are steep. Keeping your client’s information safe has always been important, but now it’s a matter of legal security that can no longer be ignored.
Personal Shredders vs. Professional Services
Most businesses owners believe that, in order to comply with data breach laws, a personal shredder, or even a company-sized industrial shredder, can handle their in-house shredding needs sufficiently. Unfortunately, in today’s hacker culture, this is just not enough to ensure compliance, especially if your business handles any kind of medical data (medical records, diagnoses, etc.) or payment information (credit cards, bank accounts, etc.). Personal and industrial shredders have come a long way, but they don’t compare to professional shredding companies that can handle shredding almost anything, securely and definitively. If you’ve been relying on a personal shredder under your desk, in your file room, or as a company-wide method of destruction, it’s time to rethink your position. Here are 3 reasons why professional shredding companies can handle your shredding needs better than that shredder by your desk:
We’ve said that word a lot, but we’ll say it again – because of how strict data breach laws are now, and how much more stringent they’ll become as time goes on and breaches get bigger, trying to handle shredding services in-house is just not adequate. Most breach laws, including the new Notification Act in Alabama, pertain to “covered entities”, which basically means any entity that acquires or uses sensitive PII. If your business doesn’t fall under that category, then most breach laws have added another: “third-party agents”. This means any company that is contracted or used by a covered entity to store, maintain, process, or to have access to PII. In short, if you ever, for any reason, touch, see, or house PII, you better make sure you’re handling it with the utmost care. To ensure that your company is fully compliant with these laws, trusting a fully licensed and insured destruction company to handle your shredding from beginning to end is necessary.
Even if you’re austere about shredding documents in-house, the fact that it’s a ‘non-revenue-producing activity’ means it’s not the most productive use of employee time. Commercial-grade shredders have limited capacity, enabling only a small amount of paper to be shredded in a single session. Things like staples and paper clips must be removed before any shredding can happen, paper jams can occur during the process, and the shredding receptacle (or garbage can) must be emptied when full (which happens often). As a result, if you have your employees shredding file folders full of documents, it’s going to take them a while, keeping them from their true responsibilities. And depending on the size of your company, that could be a significant chunk of money, not to mention the amount of time it takes to properly train your staff on security practices. A professional document destruction solution will not impede employee productivity. Locked collection containers replace your office shredding machines and garbage cans, giving your staff the ability to instantly deposit their unneeded paper files by simply slipping them through a slot, without having to remove staples and paper clips or separating files into small stacks. Those containers are then picked up by the destruction company and the whole process is handled either on-site or off-site, whichever is most convenient and cost-efficient for your business.
- Privacy Protection
As a business, or “covered entity”, you have a legal responsibility to provide privacy protection for your clients, employees, and partners. Sadly, breaches occur when privacy protection falls to the employees when using an in-house shredding plan. If the responsibility falls on your staff to decide what needs to be shredded, that can result in confidential and sensitive material being handled inappropriately, or even fraudulently. Additionally, the material produced by in-house shredding typically ends up in a dumpster in its own bag, making it a highly visible target for dumpster divers and thieves. The percentage of breaches caused by employee ignorance has skyrocketed, so it’s high time you address this potential business liability.
Trust the Right Partner
With a NAID AAA Certified document destruction company, privacy protection is ensured at all times. Each company that maintains this standard has undergone a rigid certification process, one that assesses hiring practices, equipment and facilities. Strict chain of custody procedures are followed at all times by professional technicians who are screened, bonded and insured. With a certified document destruction company, any confusion over what to shred and what to recycle is eliminated, as all confidential material is recycled after being destroyed, and sensitive documents never end up in your dumpster.
If you’re in the greater Huntsville or Birmingham, AL areas and are looking for a certified, experienced, fully secure document destruction company, Secure Destruction is the partner for you. Our company has evolved along with the breach and security laws in our state and country, committing to upholding the highest standards in document and data destruction for over 20 years. Give us a call or get a quick quote on services today!