Top secret
Implementing a document-destruction policy is advisable for businesses and individuals. The policy should be used as a guideline for document storage. It should also provide instructions for destroying important documents. Make sure any established business document destruction policies are in compliance with all applicable federal and state regulations.
Records Retention
All records should be stored in a protected environment for a predetermined length of time. This includes hard copies, electronic documentation and other specified types of media. You should make sure the method of storage is centralized and easily accessible.
The document-destruction policy should not differentiate between hard copies and electronic records. They should be retained in the same manner, according to your established destruction schedule. These electronic records should be archived on a computer or printed and kept in a centralized location
Patient Health Information
Documents containing patient health information should be stored in containers or files inaccessible to unauthorized personal. Time lines for destruction of these documents should be established with the creation of policy. Destruction of these documents should be in compliance with federal and state laws. Patient health documents should be destroyed, so there is no way for reconstruction to occur. The suggested methods for destruction of these records include shredding or burning. There should also be a document created that details which documents were destroyed and by which method.
Emergency Planning Documents
Documents pertaining to emergency planning should have a specific set of instructions for duplicating and retaining data. Emergency planning documents are all files essential to maintaining business operations during an emergency. These documents should be maintained in a separate location. Electronically maintained data should be backed up to an off site server, according to an established schedule.
Personal Documents
Individuals should go through personal files yearly and shred all expired documents. A document-destruction policy should be established if you retain documents containing personal information. Keeping these expired documents available can expose you to identity theft. There are basic document-destruction policies you can establish. Mortgage documentation should be retained for the duration of loan. Tax returns and home-repair information can be retained for at least 7 to 10 years. Credit-card and bank statements should be accessible for three months, while ATM receipts can be discarded once they clear your bank account. Pay stubs should only be retained if you are planning to apply for a loan in the near future. They contain all information required for identity thieves to initiate fraudulent activities.
Considerations
There are companies you can contract with to handle creating and implementing document-destruction policies. The National Association for Information Destruction is a trade association for destruction services companies. Members of the NAID have to be in compliance with all industry standards of information destruction. These companies can track electronic media and store your hard copies of documents. You can establish document-destruction schedules and be notified through email which documents are scheduled for destruction. Individuals can invest in a good quality paper shredder to handle their document-destruction needs.
