Thursday, December 11, 2014

Destroying information is hard to do

There is a season for everything. Every document or record created must, inevitably, be destroyed.

Let's start with physical documents. It's not as easy as just dumping the documents in a dumpster. We need controlled processes to ensure that everything is appropriately management. There are any number of standards stating that you have ensure secure disposal but how do you actually do it?

The National Association for Information Destruction (NAID) -- who knew there was such a thing? -- advocates for that particular industry and offers the Certified Secure Destruction Specialist (CSDS) Accreditation Program. It also certified specific service providers. The certification program manual is incredibly detailed in the controls required to minimize the inherent risk of a document destruction provider (http://www.naidonline.org/forms/cert/28_cert-program-us.pdf).

Validation of the destruction process is particularly important. A document issued in conjunction with Ontario's Privacy Commissioner -- who is, incidentally, the sister of child entertainer Raffi -- lists what should be contained in the destruction authorization document (http://www.ipc.on.ca/images/Resources/naid.pdf):
  • date of destruction
  • name, title, contact info, and department of person submitting the authorization
  • description of the information or media being destroyed
  • retention schedule reference number
  • relevant serial or tracking numbers
  • quantity being destroyed
  • origination or acquisition year (range)
  • rentention expiration date
  • location of the records
  • reason for destruction
  • method of destruction
  • whether destruction is to be performed in-house
  • approved contract and vendor number, if relevant
  • approved destruction method 
Actual destruction should be accompanied by  Certificate of Destruction, including:
  • company name
  • unique serialized transaction number
  • transfer of custody
  • reference to the terms and conditions
  • acceptance of fiduciary responsibility
  • the date and time the information ceased to exist
  • location of the destruction
  • witness to the destruction
  • method of destruction
  • reference to compliance with the contract
  • signature
Internally-generate certificates might also include:
  • who conducted the destruction
  • when collection began
  • type of media collected 
  • specific containers targeted
  • time at which collection was completed
  • start time of destruction
  • location of destruction
  • equipment used
  • quantity destroyed
  • destruction completion time
Relevant logs might include the destruction of records not subject to retention (incidental or duplicates) and the results of random sampling audits.

What about digital documents and records?

We can certainly follow a similar process when we're dealing with well-defined sets of records or documents. Things might, however, get a bit more challenging when we're working with the type of digital documents in email and file shares.

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home