Adera has been a member of NAID since 2002, and is NAID “AAA” Certified for paper, and hard drive destruction.
NAID is the non-profit trade organization of the secure destruction industry. Founded in 1994, its mission is to promote proper destruction of all forms of discarded media containing personal and proprietary information. NAID has forged strong relationships internationally with policymakers and regulators, produces an extensive catalog of guidance publications, and enforces security standards for
the secure destruction industry around the world.
© 2009 NAID
NAID Certification is required by a growing list of government offices. Below is a short list of some that do.
Other public organizations . . .
Andersen AFB, Guam
Board of Education, Chatham County, Georgia
Indian River County Sheriff Dept, Florida
King County, Washington
Methodist Hospital, Texas
Moncrief Army Community Hospital, South Carolina
Mountain Home Medical Group, Boise, Idaho
University of Georgia
In the Private Sector too . . .
Thousands of private organizations around the world choose NAID Certified data destruction services to meet their legal due diligence obligation when selecting a qualified vendor to destroy sensitive information.
- Privacy Act of 1988 European Union Partner Countries
- Data Protection Directive
- Specific Country Privacy Laws Canada
- Personal Information and Electronic Documents Act (PIPEDA)
- Personal Health Information Act (PHIPA) (Ontario)
- Personal Information Protection Act (PIPA) (British Columbia)
- Personal Information Protection Act (PIPA) (Alberta)
- Health Information Act (HIA) (Alberta) New Zealand
- Privacy Act of 1993 United States
- Health Insurance Portability and Accountability Act (HIPAA)
- Financial Services Modernization Act (GLB)
- Fair and Accurate Credit Transaction Act (FACTA)
- Red Flag Rule (amendment to FACTA)
- State Data Protection Laws
This list is not meant to be exhaustive. It is simply a sample of representative laws requiring established data protection policies and procedures.
Virtually every developed nation in the world now has information protection laws and regulations.
All of these laws require written information protection procedures, including a written process for selecting a qualified, reputable data destruction vendor.
By specifying a NAID Certified information destruction vendor, such as Adera On-Site Security Shredding, you establish a recognized selection criteria, effectively satisfying that legal requirement.
Choose NAID Certification or Develop Your Own Criteria and Auditing.
The laws are clear; it is unacceptable to select a records destruction service provider without a written selection criteria. If you don’t specify NAID Certification as those criteria, you will have to develop some other written and verifiable criteria.
NAID Certification was developed by information security professionals and is recognized by thousands of organizations around the world. Why start from scratch, developing completely new selection criteria, when NAID has already done the work for you?
Some regulations require annual or ongoing verification of vendor compliance. NAID Certification satisfies that requirement as well.
When NAID Certified information destruction services undergo an audit, their hiring practices, equipment and facilities are carefully scrutinized.
The following are some of the security specifications that NAID auditors verify:
Persons with a known history of related-crimes are not employed
Security and operations policies and procedures are written and followed
Destruction equipment is functioning properly
Access to materials is restricted at all times
Containers and vehicles protect information from unauthorized access at all times during transport
There is an audit trail, including CCTV image capture and retention, and a thorough, documented chain of custody
NAID Auditors Know What Questions to Ask and What to Examine.
With over 700 announced and unannounced audits conducted every year, NAID’s trained third-party security professionals have seen it all. They know what to look for and what questions to ask.
Knock, Knock – Who’s There?
More than half of NAID Certification audits are unannounced, “surprise” audits. NAID Certified information destruction companies operate every day with the knowledge that they could be audited without notice.
NAID Certification is a Benefit to Customers.
It is the customer that ultimately benefits from a vendor’s NAID Certification. Companies that undergo NAID Certification don’t do it only for their peace of mind; they do it for their customers’ peace of mind.
NAID Certified vendors know that their customers’ legal compliance requires the type of scrutiny and system of verification the program offers. It is with customers’ interest at heart that they subject themselves to this review.