TS EN 15713 Certificate
TS EN 15713 is a standard that describes the rules and principles for the safe disposal of confidential materials. Businesses that fulfill the requirements of the standard can obtain TS EN 15713 Certificate by applying to accredited certification bodies. This document shows that institutions destroy all kinds of confidential information and documents with accepted techniques and methods. The TS EN 15713 Certificate helps businesses to act more responsibly and to adapt more easily to legal regulations in this regard, where data privacy is becoming increasingly important.
In today´s fast-paced business world, knowledge is one of the key factors in the success of organizations of varying sizes from every industry. That´s why it´s critical that businesses of all sizes protect their confidential data, including customer details, employee records, and financial and accounting information. There are various legal regulations that impose financial penalties on companies that do not keep their data securely. Therefore, there is a need for standard principles, procedures and guidelines to ensure that confidential data is protected until the end of its life cycle.
ISO 15713 is a very important standard that fills the gap in this regard. It determines the measures that organizations should take to ensure the security of confidential data. It provides recommendations regarding the management and control of the collection, transportation and disposal of classified materials to ensure the safe disposal of such materials. Developed by the European Electrotechnical Standards Committee (CENELEC), EN 15713 should be the first point of reference for any organization looking to develop secure data destruction processes. Organizations that have received the TS EN 15713 Certificate have taken a very important step in the safe disposal of confidential materials.
EN 15713 Standard Scope
EN 15713 places emphasis on assuring safe disposal service, security checks of personnel involved in the covert shredding of documents and other vehicles, securing vehicles, alerting and monitoring buildings, and correct handling and destruction of confidential materials. EN 15713 is a comprehensive standard in this context and addresses much more than shredding dimensions as it provides a complete safe solution.
Customers who purchase the products and services of a data destruction company want to ensure that the company has the EN 15713 Certificate included in the ISO 9001 Quality Management System. EN 15713 certification requires annual audits through accredited certification bodies. Certified companies must verify that they dispose of confidential materials safely, through various processes and methods.
We can summarize the requirements of the EN 15713 standard as follows:
Confidential destruction facilities: The standard states that all facilities that perform information destruction must:
o Owning a management office where the necessary records and documents for doing business are kept
o Being separate from other business or activities in the same facility
o Having a burglar alarm monitored by an alarm center
o Have a CCTV (Closed Circuit Television) system with recording facilities monitoring unloading, storage and processing areas; Images must be retained for at least 31 days unless otherwise agreed with the client.
Contracts: Standard requires the following legal agreements regarding responsibilities:
o There must be a written contract covering all transactions between the customer and the organization.
o Subcontracted work should only be allocated to companies that follow the recommendations in the standard.
o If subcontractors are used, customers should be informed under all circumstances.
As a data controller, the customer must:
* Choosing a data processor that guarantees technical and organizational security measures
* Taking the right steps to ensure compliance with these measures
* Personnel: The standard states that all personnel involved in the destruction of confidential data must:
o Subject to security audit including Disclosure and Blocking Service (DBS) control
o Signing a confidentiality agreement before starting work
Collection and storage of confidential material: The standard requires information destruction companies to take the following precautions when collecting confidential data:
o Confidential material to be collected must be protected from unauthorized access from the point of collection to complete destruction.
o Collection must be carried out by uniformed and properly trained personnel with photo ID.
o Confidential material must be destroyed within one business day of arrival at the disposal center where the shredding took place off-site.