/Institutions/Cumberland-University/json/Current-Catalog/University-Policy-local.json

/Institutions/Cumberland-University/json/Current-Catalog/University-Policy.json

Policy > Red Flags > Destruction

Destruction

Destruction
Policy

________________________________________
Document Number: REDFLAG--107 Revision #: 1.0
Document Owner: Executive VP Date Last Updated: 08/17/2012
Primary Author: Executive VP Status: Approved
Date Originally Created: 12/15/2011
________________________________________
General Description
Description: Information about destruction of records relative to Red Flags Identity Theft Policy.

Purpose: Delineation of policy.

Scope: All faculty, staff, students, and administrators

Responsibility: Administration
Executive VP
VP of Business and Finance
________________________________________
Requirements
Relevant Knowledge: In order to comply with this policy you should know:
Current University policy
Federal statutes
Standard company policies
Standards of good practice
State statutes
Terms and Definitions: Additional training

Corrective Action

Loss of privilege, general
________________________________________
Policy Provisions
1. Destruction

1.1 Hard Copy Destruction

All hard copy CSI will be shredded when it no longer has a legitimate business use.


1.1.1 In-house storage awaiting sDirector of Human Resourcesedding

1. Is the responsibility of every department.

2. Hard copy material waiting to be shreded will be maintained in locked and secured boxes labeled “Confidential Shred Material.”



1.2 Destruction service providers

All destruction service providers must comply with the service provider oversight policies in this Identity Theft Prevention Policy.


1.2.1 Destruction service providers

1. All destruction service providers must be National Association of Information Destruction, Inc. (NAID, Inc) Certified.

2. The University must be provided a certificate of destruction every time material is released to be destroyed.



1.3 Soft Copy Destruction

All computers, telecommunications, or electronic devices must be “sanitized” or “wiped” clean before being sold, donated, or discarded. A member of senior management or an Information Technology professional is designated for this function.





________________________________________
Performance Evaluation
Performance Metrics: Compliance with standard policy and procedure
Compliance with federal mandate

Consequences: Further training
Loss of privileges
________________________________________
Subject Experts
The following may be consulted for additional information.
Executive VP

VP of Business and Finance