The National Association of Information Destruction (NAID) is the established international trade association for companies providing information destruction services. Their mission is to promote the information destruction industry and the standards and ethics of the member companies.
Not all destruction providers are NAID certified; it is a voluntary membership, and you can join as a NAID Member or a NAID AAA Certified Member. A NAID member is anyone who joins the association. A NAID AAA Certified Member is a member that is also a part of the Certification program and is subject to following all the rules and guidelines provided by NAID.
NAID’s certification program has become the most widely accepted set of rules and guidelines for information destruction. In fact, the best way to discern if a company is reliable or not is to ask if they are NAID certified. NAID certified companies are audited, they background check employees, and must follow strict security standards for their buildings and vehicles.
Currently there are not any laws defining the specifics of how the private information of consumers is destroyed but businesses are regulated on how that information is protected. Using a NAID certified company will help you meet the regulations, for example, in FACTA or HIPPA. Knowing your clients’ information is secure will not only ease your fears, but if you are audited, you will have been provided the necessary information to make sure you are in compliance with government regulations.
NAID AAA Certified members are audited at least once every year. There is a scheduled audit for all companies at their location(s), plus NAID does random audits every year of almost 50% of the members.
There is always a chance an auditor will randomly show up at our facility or shadow one of the drivers, so in order to keep our certification, we must always follow our policies and procedures. If a location does not pass either the scheduled or random audit, a report is sent to Certification Review Board. They track reports of non-compliance and if actions are not taken to rectify the problem, the certification will be removed.
Another addition to this process is NAID’s ability to notify a client if a company has lost its certification. On their website you can sign up for notifications and if a company loses their certification an email will be sent to you. Notification is also sent every year letting you know that the company has been recertified after their annual audit.
There are many things reviewed in the audit, including checking that all employees have passed a three level background test and screening and that no employee has a history of an industry related crime. Also NAID provides guidelines for company procedures along every step of the destruction process, from handling the material at the client’s location to disposal of the destroyed material. The company policies are reviewed to ensure they meet or exceed the NAID guidelines.
NAID continues to work with state and federal governments to improve the protection of private information. Using a certified NAID member gives businesses the knowledge that their information remains private and the assurance that their vendor will continually strive to provide the best security. For more information about NAID, please visit their website, naidonline.org.