NAID AAA Certification for Document Shredding?
Mon, Dec 31, 2018
By: Steve Clopton
Shredding documents is a critical component of compliance with regulations like HIPAA and FACTA. When documents are not properly destroyed, there’s a risk that they might be stolen or reconstructed, thus compromising the privacy and security of your clients.
Gilmore Services has a NAID AAA certification, something that you should look for in any document maintenance partner. One of the most common questions we get about document destruction is this:
What does NAID AAA certification mean for document shredding?
That’s an important question because some companies tout their NAID membership with an implication that it’s the same thing as a certification. With that in mind, let’s talk about what NAID AAA certification means.
What is NAID AAA Certification?
The National Association for Information Destruction, or NAID as it is more commonly known, is an international body for companies who provide secure information destruction services to their clients. It is a division of the International Secure Information Governance and Management Association (I-SIGMA.)
NAID’s job is to outline ethical standards for member companies. It also promotes the information destruction industry and offers certifications to companies.
The NAID AAA Certification Program is provided to NAID members who want to demonstrate that they have the knowledge and expertise to handle sensitive paper and electronic documents. The certification is voluntary.
The program requires participants to be audited for “mobile and/or plant-based operations in paper or printed media, micromedia, computer hard drive destruction, and/or computer hard drive sanitation.” In other words, it’s a way for members to document that their document destruction procedures adhere to the highest possible ethical standards.
Companies with multiple locations must submit to audits for each of their locations. That’s because different locations have different employees and managers. When a NAID-certified company references their certification, they must specify the location to which it applies.
While companies that are certified know that they will be audited, some of the audits are unscheduled and unannounced. When you partner with a company with a NAID AAA certification, you know that they uphold high standards for document destruction at all times.
How Does NAID AAA Certification Affect Document Shredding?
What are the specific ways that NAID AAA certification affects document shredding? Here’s what you need to know.
First, certified companies must destroy all consumer information prior to its disposal to be in accordance with the FACTA Final Disposal Rule. They must also adhere to PCI compliance rules, which state that:
- Hard copy material must be cross-cut shredded, incinerated, or pulped – in other words, they must be destroyed in such a way that nobody can reconstruct them.
- Documents scheduled to be destroyed must be stored in secure containers that prevent anyone from accessing them.
- Electronic data must be rendered unrecoverable using a secure wipe standard in accordance with the relevant industry regulations.
- Adherence to the FACTA Red Flags Rule, which requires audits of data-related vendors who have access to the personal information of customers.
You can find additional information on the NAID website, here. You should also know a few other things about NAID certification:
- All NAID auditors have earned a Certified Protection Professional accreditation from ASIS International.
- Auditors verify that proper protocols are in place to secure confidential materials at every state of the destruction process, including handling, transportation, storage, and destruction, as well as transfer of custody.
- Any individual who handles confidential material must undergo an extensive background screening process.
- The Certification Review Board tracks non-compliance reports and works with member companies to bring them back into compliance. Repeat offenders may lose their certification.
In other words, working with a NAID-certified company greatly reduces the risk that your documents will be improperly handled and destroyed.
Conclusion
You need to be certain that your important documents are disposed of properly. The best way to do that is to find a company with a NAID AAA Certification to handle the destruction for you.
To learn more about our NAID-certified document destruction services, please click here.