The law requires proof of destruction of confidential paperwork. This can be in the form of a "Certificate of Destruction". Our article explains what it is, why it is important, and how you obtain yours after your shredding service with us.
Click to download our PDF
When you destroy personal data held in documents, files and electronic devices like hard drives it is recommended by the ICO that the data processor (shredding company) provides the data controller with evidence of destruction. A Certificate of Destruction confirms the details regarding the destruction and in certain cases may be required for insurance purposes.
The certificate of destruction provides protection for both the data controller (i.e. a school) and the data processor (i.e. a shredding company) as it confirms that the material has been destroyed and disposed of responsibly. A certificate of destruction also ensures the best compliance for GDPR and the new Data Protection Act 2018 by providing a full audit trail.
As a leading shredding company Topwood is accredited with information security ISO:27001 which ensures personal data is processed and handled in a professional and compliant manner. Our staff, IT and processes are checked to ensure the safe handling of personal data.
Some organisations are required to have a certificate of destruction by law, such as the NHS. However, it is good practice to supply every customer with a certificate, after every service. If audits are required to check the data protection for your business, certificates of destruction are very important to prove that confidential data has been disposed of in a responsible manner.
Topwood assign a unique work order number to each shredding job. This number is shown on your e-receipt, certificate of destruction and invoice to provide a full audit trail for your confidential shredding ensuring GDPR compliance.