Current through Register Vol. 35, No. 18, September 24, 2024
On-site destruction of records may occur at the custodial
agency's location. For approval of on-site destruction, the records custodian,
chief records officer or records liaison officer shall submit a request on a
form approved by the state records administrator.
A. The form may be submitted electronically
with a valid digital signature issued by the state records
administrator.
B. The state records
administrator or designee may inspect records prior to approval of on-site
destruction.
C. The state records
administrator may suspend destruction of records determined to have historical
value and, upon approval of the Commission, transfer the records to the state
archives.
D. For legal and audit
purposes, the agency shall retain a certificate of destruction as proof of the
records destroyed. The certificate of destruction shall include, at a minimum,
the following information:
(1) For paper
records:
(a) place and date of pick
up;
(b) printed name and signature
of employee(s) performing service;
(c) printed name and signature of
witnesses;
(d) number of pounds
destroyed/shredded (vendor) or number of boxes (agency certified);
(e) date of destruction/shredding;
(f) identification of company's authorizing
agent by name and position;
(g)
printed name and signature of official certifying the destruction (vendor or
designated records management personnel); and
(h) statement that shredded records cannot be
read, interpreted, or reconstructed.
(2) For electronic records:
(a) records classification;
(b) printed name and signature of employee(s)
performing destruction;
(c) printed
name and signature of record owner;
(d) number of e-records destroyed;
(e) date of destruction;
(f) printed name and signature of official
certifying the destruction (designated records management personnel);
and
(g) statement that destroyed
records cannot be read, interpreted, or reconstructed.
E. Approved methods for on-site
destruction of records are as follows:
(1)
Records that contain confidential or sensitive information shall be destroyed
through a bonded and insured document recycling vendor by shredding in such a
manner that the information cannot be read, interpreted or
reconstructed.
(2) Records that do
not contain confidential or sensitive information shall be destroyed by:
(a) recycling by a bonded document recycling
vendor;
(b) shredding; or
(c) dumpsite burial.
(3) Records which have been contaminated may
be destroyed by:
(a) any of the approved
methods described above; or
(b)
incineration.
(4)
Agencies shall select from the following methods of destruction for electronic
records:
(a) erasure from electronic media and
all back up media;
(b) overwriting
of reusable magnetic media multiple times as recommended by the United States
(U.S.) department of defense;
(c)
degaussing of the magnetic media; or
(d) physical destruction of the media as
recommended by the U.S. department of defense.