When you destroy personal data held in documents, files and electronic devices like hard drives it is recommended by the ICO that the data processor (shredding company) provides the data controller with evidence of destruction. A Certificate of Destruction confirms the details regarding the destruction and in certain cases may be required for insurance purposes.
The certificate of destruction provides protection for both the data controller (i.e. a school) and the data processor (i.e. a shredding company) as it confirms that the material has been destroyed and disposed of responsibly. A certificate of destruction also ensures the best compliance for GDPR and the new Data Protection Act 2018 by providing a full audit trail.
The Seventh Principle of the Data Protection Act states that:
Where processing of personal data is carried out by a data processor on behalf of a data controller, the data controller must in order to comply with the seventh principle:
(a) choose a data processor providing sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out, and
(b) take reasonable steps to ensure compliance with those measures.
As a leading shredding company Topwood is accredited with information security ISO:27001 which ensures personal data is processed and handled in a professional and compliant manner. Our staff, IT and processes are checked to ensure the safe handling of personal data.
Some organisations are required to have a certificate of destruction by law, such as the NHS. However, it is good practice to supply every customer with a certificate, after every service. If audits are required to check the data protection for your business, certificates of destruction are very important to prove that confidential data has been disposed of in a responsible manner.
Topwood assign a unique work order number to each shredding job. This number is shown on your e-receipt, certificate of destruction and invoice to provide a full audit trail for your confidential shredding ensuring GDPR compliance.
If you would like to find out more about our secure document scanning, shredding and storage solutions call 0800 781 1066 or request a call back using our call back form.