August 19, 2025

What Data Do you Have? Knowing When and What to Shred is Vital to Help Protect your Company Against a Data Breach

The potential financial and reputational damage caused by a data breach can be significant. In fact, the average cost of a data breach rose to nearly $4.9 million USD in 2024, up 11% from 2023, according to IBM’s annual Cost of a Data Breach report. To help protect against these costly risks, businesses should have a comprehensive data protection plan that prioritizes both digital and physical information security risks. Shred-it^® shares some tips on how you can start protecting your business data.

Implement a Data Management Program

The “basics” of an organization’s data management program form the foundation of effective information practices. Business leaders should begin by meeting with their data protection officer and any other relevant employees to answer some key questions about their companies’ information management procedures, including:

What types of data do we collect and store?
How much data is collected and stored?
Where is data stored?
For how long is data stored and why?
With whom is data shared?

Identify Areas of Risk

Conduct an information security risk assessment and a walk-through of administrative areas, including the front desk. Look for vulnerable areas such as printing stations, messy desks, and exposed trash and recycling bins. Flag these vulnerabilities and develop policies that can help to reduce the risk of a data breach.

Adopt Data Security Policies

Create and reinforce effective policies, including:

Clean Desk Policy: A clean desk policyhelps ensure staff shred or contain physical documents and that all technological devices are password protected each time an employee leaves a workspace. A clean desk policy helps reduce clutter, improves the security and confidentiality of information, and can contribute to an organized workspace throughout the organization.
Shred-it-All Policy: This policy encourages the regular destruction of all documents. This policy encourages employees to consider if there are any requirements to retain the document (in accordance with internal policy), and, if not, then immediately and securely dispose of it.

Reinforce Policies through Reminders and Rewards

To help get buy-in from employees, place posters in the workspace reminding employees of the new policies in place to protect confidential information. Business owners may also consider driving employee engagement initiatives to encourage employees and incentivize good behavior through rewards such as team member recognition.

Develop and Follow Retention Schedules

Various types of documents and data have recommended retention periods, depending on their importance and content. Follow legal and regulatory guidelines to know how long to keep each type of file. Keeping up with these schedules reduces clutter and helps safeguard your information.

Determine What to Shred

Ask yourself the following questions. If you answer YES to any of these, and it is not required to be retained per the document retention schedule, then SHRED the document.

Does it have any personally identifiable information (PII)?
Does it include any confidential corporate (or proprietary) information?
Does the document contain any financial information?

This applies to:

Contracts
Customer lists
Medical records
Payroll information

Why Choose Physical Data Destruction?

Shredding documents is an essential step to keep confidential information safe. Unlike basic home shredders that strip documents into pieces that can sometimes be reassembled, our cross-cut shredders turn paper into tiny, confetti-like pieces—making reconstruction impossible. Shred-it^® offers flexible, reliable data destruction services designed to meet your specific needs.

One-time shredding: Shred-it^® will perform a one-time collection of documents.
Regularly-scheduled shredding: Lockable containers are provided in addition to regularly scheduled pickups.
Drop-off shredding*: Drop off documents at a local Shred-it^® office.
Mobile shredding services*: Shred-it^® performs the shredding of documents onsite.
Specialty shredding services*: Shred-it^® securely destroys non-paper items such as price books, media, medical records, exams, expired IDs, old uniforms, and more.
Hard drive destruction*: Data can be recovered from devices, even if it has been manually deleted. Shred-it^® offers state-of-the-art technology to permanently delete hard drive data by physically destroying the device.

Download our info sheet for a more detailed list of what documents should be shredded. Contact Shred-it^® today to learn more about how we can help keep your business’ physical data secure.

^{*Contact Shred-it® for service availability.}

^{This article is for general information purposes only and should not be construed as legal advice on any specific facts or circumstances.}

title

Get the Info Sheet

image

download

https://publish-p29452-e94470.adobeaemcloud.com/content/dam/shred-it/global/images/resources/SID-Knowing-What-to-Shred-Generic.pdf

Style

list-style-bullets