Canada’s Personal Information and Electronic Documents Act (PIPEDA) states that all private organizations collecting personal information have a responsibility to protect it. The law also states that organizations must “have clear, understandable and readily available personal information policies.” Here, we discuss how a professional, National Association for Information Destruction (NAID) AAA Certified information destruction service can help your business comply with PIPEDA.
PIPEDA was originally enacted in 2000 to protect individuals’ privacy rights. The law establishes rules for how organizations collect, use and disclose personal information during business activities. Recently, PIPEDA was amended through the Digital Privacy Act. The amendments include requirements for organizations to disclose privacy breaches to the affected individuals as well as the Privacy Commissioner. Organizations must also maintain a permanent record of all data breaches. Failure to comply with PIPEDA may result in criminal prosecution and/or fines of up to $100,000.
Improper and insecure disposal of information is one of the leading causes of privacy breaches involving personal information. Therefore, the way in which your paper documents and files are shredded plays a huge role in determining your organization’s ability to maintain PIPEDA compliance. The best professional shredding services use the highest quality equipment and processes to destroy your confidential and sensitive documents, and are also NAID AAA Certified. Regular and one-time service options ensure that personal information is destroyed securely and promptly.
Since PIPEDA affects private organizations of all sizes and types, if you have a home business that handles the personal information of clients and customers, it must also comply with PIPEDA. A residential shredding service keeps your sensitive documents out of garbage and recycling receptacles for added privacy protection. Your residential paper shredding service provider can destroy your documents on a one-time purge bases or place secure collection consoles in your home office for regular collection and shredding. If you choose a scheduled shredding option, a mobile shredding vehicle arrives at your residence on a schedule you choose, and all collected material is destroyed on-site at your home. You then receive a Certificate of Destruction noting the time and date of shredding.
Personal information in digital format is also protected under PIPEDA. Therefore, all no-longer-needed electronic media should be disposed of using the same processes and care as your paper records. A professional information destruction provider can offer a secure solution for destroying the following media:
• Backup tapes
• Hard drives
• CDs, DVDs and Blu-Rays
All media is physically destroyed to prevent unauthorized access to confidential data.
Information destruction companies with NAID AAA Certification can act as a partner to help your organization maintain PIPEDA-compliant disposal practices. NAID AAA Certified shredding and destruction providers undergo scheduled and random audits to assess the following areas:
• Operational security
• Shredding particle size
• Employee hiring and screening procedures
• Destruction equipment
• Liability insurance
NAID also offers Certified Secure Destruction Specialist (CSDS) Accreditation, which assesses an individual’s competency in a range of subject areas related to the secure destruction of information. CSDS-Accredited employees provide further assistance with your organization’s due diligence when disposing of personal information.
When you understand PIPEDA and its recent amendments, it’s clear that the right information destruction solution can help your business meet and exceed PIPEDA requirements.
Shred Guard provides NAID AAA Certified information destruction solutions for businesses throughout Atlantic Canada. For more information, please contact us by phone or complete the form on this page.