866-381-6611Toll Free

Security

Let us help you with your "privacy" compliance program. Our business associates agreement and confidentiality agreement will assist you to meet and maintain HIPAA and FACTA compliance.

  • Meets security and privacy requirements
  • Shredded Material is recycled, never thrown in the trash,
    eliminating "dumpster diving thieves."
  • Limits the exposure of sensitive information to entry-level employees.
The Situation
  • It is a legal requirement to destroy personal information when it is discarded.
  • Your customers insist upon privacy. They stop doing business with companies who are careless with their information.
  • The news media is aggressively looking for headlines involving breaches of privacy.
  • Trade secret and non-compete agreements lose legal protection if information is not protected at all times, including when discarded.
  • There currently is a dramatic increase in demand for secure shredding services.
The Problem
  • There are some companies offering secure or "self-certifed" shredding services that have inadequate security either from lack of experience or low standards.
  • Customers unfamiliar with secure destruction services often do not have enough information to determine which service providers are serious about security.
  • Many customers do not have the time to regularly monitor the security standards of their secure destruction service provider (as many regulations now require).
The Solution: NAID™ Certification...
  • Uses a combination of scheduled and suprise audits to verify that secure destruction services consistently meet operational security standards.
  • Helps the clients establish the due diligence required to comply with HIPAA, Gramm-Leach-Biley (GLB) and FACTA.
  • Qualifies as the annual business associate review required of covered entities under HIPAA.
  • Meets the standard for reasonableness that is generally accepted by government agencies and courts.
  • Most importantly, it makes sure the customer is getting the security they demand.
How it Works ...

Annual Audits:

On an annual basis, an independent Certified Protection Professional® (CPP) contracted by NAID conducts a complete audit of the service provider's operation. The Annual Audit verifies that the service provider complies with the standards for...

  • Employee Clearance: drug screening, employment history, criminal background check, restricts high-risk individuals from employment.
  • Access Control: security of removal, security of facilities, monitoring of alarms, video monitoring and recording.
  • The Destruction Process: regulated particle shred size, destruction timeframe, proper recycling of shredded material.
  • Secure Processing: verifies compliance with the service provider's written policies and procedures.
In all, there are over 20 key elements verified with each audit.

Unannounced Audits:

NAID™ Certified service providers are also subject to unscheduled, random audits which verify on a spot basis that confidential materials are protected. Unannounced Audits are conducted by a trained CPP at the secure destruction facility and in the field. Compliance with many of the standards audited in the Annual Audit is also verified in the Unannounced Audit.

To ensure compliance, every NAID™Certified service provider understands that they may be audited anytime, anywhere, regardless whether they were audited the previous week or six months prior.