Handbook of Business Procedures
Date published: October 23, 2012
Last revised: April 21, 2023
Issued by: Records Management Service
20.7.2. DESTRUCTION OPTIONS FOR CONTROLLED OR CONFIDENTIAL RECORDS
A. Introduction
Controlled or confidential information in master records, convenience copies, or transitory information records must be protected throughout the entire lifecycle of the records, including the destruction process. Master records that contain controlled or confidential information must be approved for destruction by Records and Information Management Services (RIMS) and destroyed following the steps in 20.5.4. Destruction Procedures and Form in addition to following the procedures that apply to the destruction of all controlled and confidential records.
B. Secure Destruction of Hard Copy Records and Removable Media Using an External Vendor
Departments may use the State of Texas CPA SPD (Comptroller of Public Account Special Purchasing Districts) vendor, ATI (formerly Austin Task), for ongoing destruction service of hard copy and removable media on a weekly, bi-weekly, or monthly basis as well as on a single event basis.
Departments may also contract directly with commercial vendors. The department should ensure that any vendor other than ATI is in compliance with NAID AAA certification standards. ATI has been vetted by the CPA SPD process. Contact RIMS for assistance with concerns about commercial vendor security standards compliance.
C. Secure Destruction of Hard Copy Records Using University Mail Services
Document Solutions offers secure document destruction services on a single-event basis. The UT Mail destruction service can provide a shred level that meets the National Institute of Standards and Technologies (NIST) Guidelines for Media Sanitation (Publication SP-800-88) requirements for destruction of paper (Table A-1) as required by the Texas Department of State Health Services and other grant sponsors for projects with animal and human subjects. Other vendors do not generally have this capability. The UT Mail Services Shredding Services webpage provides more information and a link to an online request for service form.
D. Secure Destruction of Hard Copy Records Using a Departmental Shredder
Departments may use shredders to destroy controlled or confidential records internally, following university disposition policy requirements listed in 20.5. Disposition of Records – General Information. In order to shred controlled or confidential documents within the department, each department must have shredding procedures developed in its records management plan. For more information, refer to 20.4.3. Records Management Plan. The Departmental Records Management Plan should demonstrate awareness of the following requirements:
- Submit a Request to Dispose of Records Form to RIMS and obtain authorization before shredding master records. Convenience copies and transitory information do not require RIMS authorization prior to shredding. Do not assume a record is either a convenience copy or transitory information. Before treating records as convenience copies or transitory information, determine where the master record is held. If that determination cannot be readily made, or when in doubt, treat the record as a master record and submit a Request to Dispose of Records Form to obtain authorization before destroying the record.
- Protect controlled and confidential documents awaiting shredding through the use of locked cabinets, closets, or other areas not accessible to unauthorized personnel.
- Demonstrate that staff has been notified of departmental shredding policy and procedures.
- Authorize a limited group of staff members to shred documents, and list their names in the department’s records management plan.
- Ensure that those authorized to shred documents have reviewed the RIMS Disposition Handout.
- Print and post a copy of one of the Before You Shred pages from the Disposition Handout on or near the departmental shredder or shred bin(s).
Shredding Security Level Requirements for Departmental Shredders
Departments and individual university employees may use departmental shredders to destroy master records that have been authorized for destruction as well as convenience copies and transitory information provided the shredder meets the security level requirements.
- Level P1 and P2 strip-cut shredders cut strips of varying widths by the entire length of the page and can be used for Published data classification records.
- Level P3 or P4 cross-cut shredders that produce shreds no larger than strip-cut 1/16-inch-wide strips or crosscut 5/32-inch x 2-inch or smaller pieces must be used for Controlled and Confidential records.
- Level P5 and higher micro-cut shredders cut paper into small particles and may be required for certain types of confidential information.
Records related to certain types of research may need to meet the National Institute of Standards and Technologies (NIST) (Table A-1) guidelines. They must be destroyed using a micro-cut level 6 shredder that produces particles rather than shreds. Texas Department of State Health Services requires the P6 standard, and other sponsors for projects involving animal and human subjects may require the P6 standard as well.
Few, if any, departments have shredders that destroy to the P6 standard. The UT Mail document destruction service does provide P6 shredding. The UT Mail Services Shredding Services webpage provides more information and a link to an online request for service form.
Note: Consult with Records and Information Management Services (RIMS) prior to using options other than those listed above to destroy records containing controlled or confidential information.