The number one reason for the secure destruction of documents is privacy laws.
Most countries have privacy laws which all organisations must adhere to when collecting any information containing an individual’s personal details.In Australia, The Privacy Act 1988 (Privacy Act) regulates the handling of personal information about individuals. Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
The Office of the Australian Information Commissioner (OAIC) is an independent statutory agency within the Attorney General’s portfolio. Its website states, “The Commissioner has a range of enforcement powers, including seeking civil penalties of up to, or apply for civil penalty orders of up to $340,000, for individuals and up to $1.7 million for companies.” Significant amounts which should be enough incentive for any organisation to be judicious about the correct disposal of customer or employee information.
The shredder in the office is not the solution. What happens after that? Does it just go in the general rubbish or does it go in the recycle bin? If someone is determined enough, they can piece those strips of paper back together. Even worse is just putting scrunched up paper in the bin.
Anything with any personal or confidential information should be placed in a secure bin for eventual collection and destruction.
In Victoria, in 2013, a recycling plant was investigated and many sensitive documents were found, including bank details, share portfolios, medical records and company invoices. Had any of those documents gotten into the wrong hands, people would have suffered. Common sense must be used just consider how you would feel if your very personal information was laid bare or your identity was stolen.
Don’t forget this applies to staff records, as well as client records.
This must be done by a specialist provider. It starts with a locked bin or bag which is collected either on a regular basis or when a purge of documents is done. The bins are then transported to a secure facility where they will be shredded and destined for pulping. Grace Information Management have ASIO Category 4 accreditation for pulping and recycling.
When documents have been securely destroyed, Grace Information will issue a Certificate of Destruction, when requested by clients, to verify the completion of the destruction process. This is good business practice in case you are ever called on to provide proof documents have been destroyed and when.
Most business, government, non-government and not-for-profit organisations, if they deal with personal information, have privacy policies in place on their websites, their brochures and formal documentation. This is done to give the consumer, the donor and the customer peace of mind and confidence in the entity they are about to deal with.
To be fair and just, those policies must be known by all staff, respected and compliance guaranteed.