Document Shredding Laws – What You Need to Know

As more cybersecurity incidents occur on the global stage, more businesses are realizing they need to take serious action in order to process and manage their sensitive business information. While it can be a hassle to archive documents that no longer seem useful or needed, the truth is that certain sensitive information should be retained for certain periods of time. There are laws around what you need to retain and what you need to shred. How long do you keep documentation? What can be recycled and what can be shredded? The honest answer is that it depends on the level of security required by the content contained in the documentation. Here are a few things to keep in mind when deciding what can go in the shredder.  


Your company’s records are a critical resource and their disposal requires the proper investment of time and resources to ensure your compliance with federal and state regulations as well as ensuring the security of your employee’s and client’s information. Poor record disposal can result in security breaches, loss of confidential information, and lost privacy. Failing to heed security related laws and regulations can result in costly fines or even imprisonment. Make sure you know what regulations apply to your document destruction before you take any action. Always check that you are in compliance with the type of archiving and length of time you are required to retain information before allowing it to be disposed of. This can depend on your unique industry, your agreement with the client, and local laws and regulations as well.  


Sensitive information comes in many formats, from digital files stored in the cloud to the traditional banker’s boxes of files stored in an old fashioned archive. The process may be different for each, but the overall idea is the same. The sensitive information must be protected throughout the disposal process to avoid any unnecessary exposure or risk.  

To start, shredding of paper files is a common practice. But for those companies with more documents than can be managed on their own, enterprise-level document disposal might be a better fit. It’s worth noting that a simple shredding is not always enough to completely protect the information contained within the documents that were destroyed. Even shredded documents may still be reconstructed, which can result in privacy violations and possible legal action if the content is sensitive and worthy of protection. Make sure you are working with a high-quality document management company that takes on the responsibility of destroying and recycling for you in such cases. 

The proper destruction of hard copy documents is only effective if the digital files associated with those documents are also destroyed properly. Simply deleting the files is not enough. Until that space has been written over, the possibility of recovering data still exists. Similar to shredding important paper documents, one way to ensure that your personal information is not easily accessed is by “shredding” of the individual files on the hard drive. There are a variety of software programs that can shred files, but it can be confusing to know which one is right for you. 

The security and convenience of working with a document management partner, such as Happy Faces Records Management, protects your company while maintaining customer security as a high priority. Call today to talk with a representative.  

Leave a Reply

  • (will not be published)