Document Shredding Guide: A Crash Course for Employees
In many businesses, most employees have no idea about the security risks in every stack of papers that crosses their desks. A company-wide document shredding policy is your first line of defense against data breaches. To create a more shred-aware workplace, start with our five-step crash course.
1. Make your document shredding policies a key aspect of new-hire orientation.
Everyone needs to understand their own role in reducing the company’s information security risk. Drive the point home with real facts: If identity theft results because we don’t follow our shred policies, we could be on the hook for thousands of dollars or more. (In the case of HIPAA violations, jail time can result, too.)
2. Advertise your shred policy heavily.
Hang posters around the office, print tent cards for the break room, and mention it in every employee newsletter. Even integrate a prominent, standard footer into all company emails: If you print this email, please shred it. In short: Always keep shredding at the forefront.
3. Replace paper recycling bins with shred bins.
Shredding is the new recycling. The right document shredding vendor will provide locking shred bins that both ensure your documents will not fall into the wrong hands from bin to shredder, and that all shredded documents will be recycled.
4. Equip every associate in your HR and Finance departments with a private, under-the-desk shred bin.
Nowhere else in your company is the need for maximum information security greater. A locking private mini-console is a safe and secure alternative to your personal shredder. About the size of a bankers box, this locking unit quietly protects your data, saving time and cutting out the noise.
5. Promote this rule of thumb: Shred any document containing sensitive information.
Of course, you must make clear what sensitive information means.
First and foremost, there’s personal information
- Addresses (including email)
- Any identification numbers, such as Social Security, passport, driver’s license, or credit card number
- Telephone numbers
- Personal or physical characteristics, including photos
- Any information related to personal property, such as car registration or title number
Then there’s sensitive business information
- Copies of invoices, packing lists, purchase orders, etc.
- Employee and payroll records
- Email printouts
- Copies of marketing and product development plans
- Financial records
This crash course has no final exam.
Shred awareness isn’t a set-it-and-forget-it thing. You need to constantly monitor your employee’s adherence to your shred policy (even checking trash cans for sensitive documents). And when executives and managers follow document shredding policies day after day, they’ll set a positive example that others will follow.
For many companies, outsourcing to a trusted shredding services vendor like Corodata is a highly cost-conscious way to efficiently handle their shredding volume, keep their companies running efficiently, and manage their risks.