Records Destruction Compliance: Pretty Good Isn’t Enough
Every organization, whether for-profit, non-profit or governmental, possesses sensitive information of some type. It may be customer, employee, patient or other stakeholder-specific and could contain financial or other confidential information that must be legally or otherwise safeguarded. Often these records have a formal retention schedule dictated by the age or validity of the information itself. When it’s time to destroy such records, a “pretty good” shred program isn’t enough to meet or exceed regulatory mandates for confidential destruction.
FACTA, HIPAA & Identity Theft
Information privacy regulations impact many industries. HIPAA is limited to healthcare but FACTA mandates apply to any organization that collects personally identifiable information about consumers.
At the heart of the concern surrounding safe destruction of paper records is identity theft. An estimated 40% of the 9-10 million individuals who fall victim annually to identity theft have their information compromised through the theft of physical paperwork. In severe cases, it can take nearly 6000 hours to correct the resulting damage. FACTA legislation has ratcheted up the pressure on all types of organizations to perform adequate due diligence in establishing and maintaining a document destruction program.
Significant Legislative Rulemaking
There have been numerous regulatory responses to concerns about information security, identity theft, corporate governance transparency and many more areas related to information management. Several of the most frequently cited are:
- HIPAA – Health Insurance Portability& Accountability Act
- FACTA – Fair and Accurate Credit Transaction Act
- Sarbanes-Oxley Act
- Gramm-Leach Bliley Act
Take Decision Making Out Of Compliance
A company-wide “All Shred” program takes employee decisions regarding the sensitivity of a document out of the equation. All office paper is treated as if it contains protected information and gets put into a secure bin to be shredded and recycled. Having a single process for the disposal of all paper encourages employees to develop compliant habits.
Long Term Compliance by Design
Underground Archives knows what it takes for your organization to meet these rules. Your information will be destroyed in accordance with relevant statutes by our well-qualified team of service experts. Our experienced professionals partner with your staff to design a comprehensive, enterprise-wide shred program that meets your requirements.
We collect and transport your documents to our secure facilities on a schedule frequency that suits your organization’s needs.
We securely track all materials identified for destruction to ensure chain of custody.
Documents are shredded and recycled for security and environmental responsibility.
A certificate of destruction establishes a reliable audit trail.
If your document destruction needs are mandated by regulatory requirements (e.g. HIPAA, FACTA, GRAMM-LEACH-BLILEY), Underground Archives is not just a vendor—we’re your partner. We take the time to understand your workflow because being a partner with our clients is part of the value we deliver.
Underground Archives is the right solution, by design.
