There is an entire industry devoted to the destruction of electronic data and other information. Review the standards of the National Association for Information Destruction for certifying that information has been destroyed. Know when you or your client is required to destroy information because of legal or administrative requirements:

1. The Fair and Accurate Credit Transactions Act of 2003 sets guidelines for the destruction of consumer data.

2. Penalties may be assessed under HIPAA for the failure to destory Protected Health Informatoin (PHI)

3. Major credit card companies formed the Payment Card Industry (PCI) Security Standards Council, which sets standards for when data on credit card accounts must be deleted to protect against identify theft.

See NAID's web site at: http://www.naidonline.org/nitl/en/cert/history-purpose.html