Services | Locations | Contact ☎ Call Today: Buffalo: (716) 871-7040 - Rochester: (585) 458-8980 - Tampa (813) 246-4723

Why Destroy Your Information

Safe. Secure. Solutions.™

Documents are only as safe as the weakest link in their lifecycle.

To protect privacy, any standards for the appropriate collection and management of information must include requirements for proper destruction and disposal of this same information. The reality is that identity theft and information-based crimes are among the fastest growing - and they are growing because of improper destruction and disposal practices. Dumpsters and garbage receptacles are recognized as a primary source for personal and corporate information theft. Failure to adequately address the destruction and disposal of information contributes to the growth in these activities and jeopardizes protection of privacy for consumers and businesses alike.

Information safeguards are a vital issue to the senior management of all organizations.

In a study, top executives from 300 companies ranked the security of company records as one of the top five significant issues facing business. When asked which issues required immediate attention and policy development, the security of company records ranked second only to employee health screening.

Every organization has information that calls for secure destruction.

All organizations with employees and/or customers have occasion to discard private information. Customer lists, price lists, sales statistics, drafts of proposals, correspondence and even memos, contain information about activities which may interest competitors or other unauthorized parties. Every organization is also entrusted with information that must be kept private. Employees and customers have the legal right to have this information protected. Without the proper safeguards, information may end up in a dumpster or receptacle where it is readily, and legally, available to anybody. Trash is considered by business espionage professionals as the single most available source of competitive and private information from the average business. Any establishment that discards private and proprietary data without the benefit of modern destruction methods exposes itself to the risk of prosecution, as well as costly loss of business and reputation.

Stored records should be destroyed on a regular schedule.

The length of time records are stored should be determined by a retention schedule that takes into consideration their useful value and the governing legal requirements. No record should be kept longer than this retention period. By not adhering to a program of routinely destroying stored records, an organization exhibits suspicious disposal practices that could be negatively construed in the event of litigation or audit. From a risk management perspective, the only acceptable method of discarding stored records is to destroy them by a method that ensures that the information is obliterated. Documenting the exact date that a record is destroyed is a prudent and recommended precaution.

Incidental business records discarded on an every day basis should be protected.

Without a program to manage it, the daily trash of every organization contains information that could be harmful to individuals and businesses. This information is especially useful to competitors because it contains the details of current activities. Discarded daily records include phone messages, memos, forms, drafts of bids, invoices and correspondence. All organizations suffer potential exposure due to the need to discard these incidental business records. To effectively minimize this exposure, make sure such information is securely collected and destroyed.

Recycling is not an adequate option for information destruction.

To extract the scrap value from office paper, recycling companies normally sort the paper under unsecured conditions. The 'acceptable' paper is stored for indefinite periods of time until there is enough of a particular type to sell. The sorted paper, still intact, is then baled and sold, where it may be stored again for weeks or even months until it is finally used to make new products. There is no fiduciary responsibility inherent in the recycling scenario. Paper is given away or sold and, by doing so, an organization gives up the right say in how it is handled. There is, also, no practical means of establishing the exact date that a record is destroyed. In the event of an audit or litigation, this could be a legal necessity. Furthermore, if something of a private nature should surface, the selection of this unsecured process could be interpreted as negligent. For all these reasons, the choice of recycling as a means of information destruction is undesirable from a risk management perspective. If environmental responsibility is a concern, materials may be recycled after they are destroyed or a firm can contract a service that will destroy the materials under secure conditions before recycling them.

Internal personnel should not be in charge of destroying certain information.

Good judgment dictates that certain information and materials including payroll, labor relations, legal affairs and health information, by way of illustration, should not be entrusted to employees for destruction. But, beyond that, competitively sensitive information is best protected as well. Unfortunately, it has been established that employees are among the most likely to realize the value of certain information to competitors. And, some employees may have incentive to capitalize on their access to it. The only acceptable alternatives are to have the materials destroyed under the supervision of upper management or by a carefully selected, high security service.

Organizations should be as careful in the destruction of documents and records as they are in protecting them on their premises.

Lincoln Archives, Inc.
The Lincoln Family of Businesses Since 1914
Safe. Secure. Solutions. ™