Now offering Data Breach Protection Services through CSR

What It Means to Be NAID AAA Certified

"We’re NAID AAA Certified"...but what does that really mean?

Lincoln Archives is certified to securely destroy and protect information through NAID

What It Means to Be NAID AAA Certified

Throughout the years you may have heard members of the Lincoln Archives team mention "We’re NAID AAA Certified"...but what does that really mean? 

Is it a connection to the American Accounting Association? Or how about the American Automobile Association? While it is neither one of those elements, being NAID AAA certified signifies that Lincoln Archives is certified to securely destroy and protect information through the National Association of Information Protection (NAID). This AAA Certification was created in 2000 and some main concepts from NAID Online are listed below:

Top elements of the NAID AAA Certification:

  1. Development/Overview:

First developed in the year 2000, NAID’s AAA Certification was created by information security professionals for NAID member companies which were providing information destruction services. This certification provided resources so that companies could meet the numerous laws and regulations surrounding the protection of confidential customer information. Originally developed with three theirs, “A” “AA” and “AAA”, the two lower layers of “A,” and “AA” were eliminated in 2005 to remove any confusion and the AAA level, containing the highest security requirements, became the only available option to become certified.

  1. Requirements:

One of the main elements of the certification is to ensure all processes surrounding the handling of confidential customer information were done with the highest level of security. This included transportation, location security measures, and the destruction processes. To ensure this was upheld within each company, audits were introduced. These audits, while first conducted on a scheduled routine basis, are now conducted unannounced by independently contracted to ensure true results. Conducted on both mobile on-site and off-site shredding operations, audits review all processes surrounding paper/printed media, micromedia, computer hard drive destruction, and/or computer hard drive sanitization. If a NAID member operates in multiple locations, each location must pass an audit to be certified.

  1. Regulations:

Below are the main regulations in which the NAID AAA Certification uses to ensure security measures are met:

    • FACTA Final Disposal Rule
      • All consumer information is to be destroyed before it is discarded. Covered entities must monitor compliance of any organization contracted to destroy consumer records.
    • FACTA Red Flags Rule
      • Requires audits of data-related vendors with access to personal information of customers.
    • HIPAA & HIPAA Security Rule
      • Covered entities may be subject to civil penalties for the misconduct that lead to a security breach and business associates of covered entities must comply with technical, administrative and physical safeguard requirements.
    • PCI compliance
      • Verify hard copy materials are crosscut shredded, incinerated or pulped such that there is reasonable assurance the hard copy materials cannot be reconstructed.
      • Examine storage containers used for information to be destroyed to verify the containers are secured. For example, verify that a to-be-shred container has a lock preventing access to its contents.
      • Verify that cardholder data on electronic media is rendered unrecoverable via a secure wipe program.

4. Internationally Recognized

NAID’s certification is recognized internationally both by private and governmental organizations. While a voluntary program through NAID, it is in the best interest of a shredding company to become certified

Lincoln Archives has been NAID AAA Certified for over seven years and is the only local family-owned company in Buffalo that is so. To ensure all process are being upheld, members of the Lincoln Archives team recently attended the NAID Conference in Denver Co. and discussed knowledge with fellow NAID Members. We love being inspired by others in the industry.

Lincoln Archives is the only family-owned NAID AAA Certified organization in WNY and includes the division of LACyber providing comprehensive Data Breach Defense Services. Lincoln Archives is proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.

by Kathryn Turner

Contact Us