Secure paper shredding has many benefits, but there are also consequences that can be avoided by having level 6 shredders or other high security paper shredders. Here are six consequences of an inadequate document destruction policy:
Some businesses are required to destroy documents and business records to maintain compliance with ethical rules, government regulations, or laws. Some examples include:
- Government contractors may be required to use level 6 shredders as defined by the U.S. National Security Agency (or NSA). Any contractor that deals with documents classified as Special Access Programs (or SAP), Communications Secure (or COMSEC), Sensitive Compartmented Information (or SCI), or Top Secret (or TS) must use level 6 shredders when the documents are destroyed. Failure to destroy documents may violate the government contract as well as the government regulations that govern the contract.
- Healthcare providers are required by law, specifically, the Health Insurance Portability and Accountability Act (or HIPAA), to destroy patient records before disposal. Although HIPAA does not specify the level of shredding required, government guidance states that the documents must be rendered unreadable. This implies a level 6 shredder. Failure to comply would violate HIPAA.
Disposing of records without destroying them before disposal runs the risk that your business's identity or the identities of your employees may be stolen. Identity theft can cost substantial amounts of time and money and ruin credit histories.
Payroll records, for example, include names, addresses, and direct deposit account information. Employment records often include a photocopy of the employee's drivers license. Tax records include social security numbers. Your business's check stubs include the routing number and account number of your business checking accounts. Any of this information could be a treasure trove of information for identity thieves.
Theft of Customer Information
Documents containing customer financial information, such as credit card numbers and banking information, should be destroyed thoroughly to prevent theft of that information. Aside from the moral obligation to protect customer information, negligence in safeguarding customer information could expose a business to lawsuits.
Nearly half of consumers think that their own habits make them vulnerable to identity theft or fraud. Any consumers who are victims of identity theft due to another's negligence would likely be upset enough to seek some form of compensation.
Theft of Confidential Information
Your business has all sorts of documents that your competitors would love to get their hands on. Sales strategies, trade secrets, financial information, customer lists, pricing and manufacturing information, chemical formulas, engineering drawings, and business communications are just a few examples of documents that could cost you your competitive advantage if they were disseminated. Destroying documents like these, using level 6 shredders or other high security paper shredders, could be the only thing standing between doing business and going out of business.
Embarrassment and Blackmail
Some information might not constitute trade secrets but may be embarrassing if released publicly. For example, internal memos that discuss competitors often use blunt and colorful language that could tarnish a business's reputation if released. Similarly, privileged documents such as communications with the business's attorneys and accountants may contain embarrassing information.
Extortionists can use any embarrassment that could be caused by release of those documents as leverage to blackmail the business. While this is illegal and can be investigated by law enforcement, the embarrassment could be unavoidable as these documents may be released during the investigation and prosecution of the extortionists. The better path is to prevent the release of the documents in the first place by destroying them before disposal.
Theft That Leads to Further Theft
One of the most valuable pieces of information held by your business are your network passwords. If hackers access your network, all of your electronic data may be exposed. Careless disposal of network password logs and other network information can lead to hacking and other data loss.
If you think this is impossible, many hacks have been traced to disgruntled former employees who used their old passwords to access a network. There is no reason to believe that someone rifling through your garbage would pass up a document containing a list of network passwords.
High security document shredders not only have benefits but also help you to avoid severe consequences for your business, such as noncompliance, identity theft, and loss of confidential or embarrassing information.