NAID Briefing

At the 2008 NAID Annual Conference, the association will unveil a document, which, over the coming months and years, will redefine how business and government view information destruction. The publication, called the "NAID Information Destruction Compliance Toolkit," just may be the most comprehensive analysis of appropriate information policy and procedure development ever published.

In most developed nations, businesses are legally required to have documented information protection programs. However, we know that most organizations do not have them in place. We also know from our own research that organizations that do have the documented policies are far more likely to outsource their destruction requirements. The strategy, therefore, is to give them what they need to create their policies.

Now, it is not uncommon for even the biggest corporations in the world to have a destruction policy that says something like "records shall be properly destroyed when their retention requirements have been reached." That’s it; one line that gives no direction or detail to employees of their responsibilities or how to properly meet them.

Suffice it to say, when NAID publicly releases this 70-plus page publication, exploring all the considerations and nuances of proper information destruction in today’s world, it will get the attention of information security and records management policymakers everywhere.

As one consultant who was retained to review the document put it, "There has never before been such a comprehensive review of proper information destruction. I cannot wait to make this available to my clients."