
© NicoElNino - stock.adobe.com
The National Association for Information Destruction (NAID) and the Secure Information Governance & Management Association (i-SIGMA), Phoenix, have announced that the NAID AAA Certification will require policies and procedures to be updated to address requirements of the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) wherein service providers are required to respond to data subject requests. The certification update will go into effect Jan. 1, 2020.
According to a news release from i-SIGMA, the association is requiring all NAID AAA Certified service providers to update their policy language.
“First of all, our covenant with the client—the data controller—is that NAID AAA Certification verifies compliance with all global data protection laws. Second, GDPR and CCPA are not bounded by national or state boundaries, applying instead to all citizens of those jurisdictions no matter where the citizen or the business with whom they share their personal information is located,” says Bob Johnson, CEO of i-SIGMA. “Lastly, it is only a matter of time until all data protection regulations give these rights to data subjects. Requiring it of all members simply prepares them for the inevitable.”
i-SIGMA plans to provide NAID AAA Certified companies with sample language for updating their written policies and procedures. The requirement to update policies is Jan. 1, but i-SIGMA reports that there is a brief grace period to add the language after the Jan. 1 deadline.
Latest from Recycling Today
- Ship dismantlers navigate new regulatory regimen
- Gershow announces several community involvement projects
- McKinsey identifies engineering polymers as a recycling opportunity
- Metso acquisition focuses on mill liner recycling
- Malaysian customs office seizes scrap containers
- Lindner establishes Brazil subsidiary
- Tire recycling veteran predicts growth in pyrolysis
- ShearCore adds FC95 to concrete processor line