Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 340 (iv) Consider the design of the secure destruction program (a) In-house or outsourced Deciding whether a secure destruction program should be conducted in-house, outsourced or partially outsourced is a key decision that each organization must determine and detail in their secure destruction policy. The policy should state that when contracting a service provider, the transfer of custody should be clearly documented, and the service provider must accept fiduciary responsibility for destroying the records. Organizations may wish to engage a secure destruction service provider that offers mobile or on-site destruction services. Whether destroyed internally or by a service provider, the individuals performing the destruction must be properly trained in the operation of the destruction equipment. Also, destruction must always be performed under secure and controlled conditions. (b) Centralized or decentralized Organizations performing an in-house destruction program should determine if the program will be centralized or decentralized. A centralized model of internal destruction involves employees collecting records to be destroyed in a container at their desk, where it is securely collected and transported by a designated employee to the location of the destruction equipment within the organization. In a centralized program, it may be a prudent policy to have some records isolated from the program and destroyed at the department level. A decentralized model of internal destruction involves employees destroying records themselves throughout the workday using equipment in the vicinity of their workstations. In this model, the organization may choose to have employees contact a specific person in the organization for large purges of paper. The decentralized model may be less suitable for very sensitive records as employees must be diligent in not leaving records or media unattended, as well as reporting any malfunctions in equipment to their supervisor. Regardless of which model is chosen for an organization’s destruction program, this should be detailed in its secure destruction policy. (v) Contingency planning Policies should describe a contingency plan should a contracted secure destruction service provider suddenly not be available, or if destruction equipment such as a crosscut shredding machine ceases to operate. Some measures may increase the risk of theft, loss
RkJQdWJsaXNoZXIy MTgwMjYzOA==