Almost every business needs to collect and store information, in both physical and digital forms. You’ll create, send, and receive things like purchase orders, contracts, invoices, and process documentation.
These stored documents and pieces of information are necessary to keep your business running, but they can also leave you vulnerable when it comes time to dispose of them; if a competing business or an individual with ill intentions gets hold of your private information, they could use it against you.
Sometimes that means stealing trade secrets. Other times that means obtaining personal information that belongs to your clients.
So how can you be sure that your company is disposing of information responsibly?
There are a few high-level strategies that can help you perfect your disposal efforts:
- Come up with a formal policy. First, you’ll need to have a formal “information disposal” policy in place. If you don’t have the specifics written down, you can’t possibly expect your partners and employees to follow your rules precisely. Instead, you’ll have everyone following a different system, and of course, you’ll end up with documents falling through the cracks.
- Make it easy. Nobody wants to take an hour out of their day to manually check to make sure all documents are being disposed of responsibly. If information disposal is too difficult or time-consuming in your business, it won’t be executed consistently or reliably. Instead, it’s in your best interest to make things as easy as possible.
- Set expiration dates. You should keep documents and pieces of information for a set amount of time. This expiration date may be different for different types of documents, so make sure to set it manually for each type of information you collect.
With physical documents, there are a few reliable disposal methods, but the most secure and reliable is disposal through shredding. Most offices will have at least one paper shredder available, but these can be inefficient; for example, all it takes is one paperclip or staple to cause a jam, and you’ll probably have to feed small stacks of papers through manually, one at a time.
Instead, it’s much more efficient to hire a paper shredding service. These services may vary, but they usually allow you to keep all your documents to-be-shredded in one location. Periodically, they’ll retrieve these documents and shred them to bits all at once, so you don’t have to worry about conducting the process manually or making a mistake along the way.
Digital documents make things a bit more complicated since there are different ways to store them. If data security is a priority, it’s a good idea to make sure all your data and documents are encrypted and secure; that means storing them on an encrypted platform and/or password-protecting them, then relying only on secure networks to send, receive, or otherwise access them.
If you no longer need a document or piece of information, merely deleting it isn’t enough to guarantee its full disposal. Emptying your Recycle Bin will remove the file from visibility, but that doesn’t mean it’s completely gone from your hard drive (unless you’re using a solid state drive). Similarly, deleting a document from your cloud storage platform may not be enough to guarantee it’s no longer retrievable.
For cloud storage platforms, your best course of action is to only work with a cloud storage provider you trust, and ensure you keep your login credentials under lock-and-key. Users within your company shouldn’t have access to files that aren’t relevant to them, and everyone should be using a very strong password (and changing that password regularly).
After “deleting” files from your computer’s hard drive, you’ll face a risk when it comes time to dispose of the device itself. There are several steps you’ll want to take before selling or recycling your computer, just to make sure the next person who gets a hand on the device won’t be able to gain access to your information.
Deauthorizing the computer and uninstalling all your programs is a good start, but you’ll want to take one step further and use a factory reset to wipe your hard drive clean. Even then, it’s not a bad idea to work with an electronics recycling center to make sure your digital device is disposed of securely and responsibly.
It doesn’t cost much money or take much time to keep your information disposal policies in good shape. Once you have a system in place, you can (mostly) expect it to run on autopilot.
That said, it’s still a good idea to conduct a periodic audit of your procedures to make sure they’re being followed by all your employees, and to see if any sections need updating.
How is your company disposing of information properly?