Code of Practice

1. Name

The name of the association is the: `UNITED KINGDOM SECURITY SHREDDING ASSOCIATION’. Hereafter also referred to as UKSSA or ‘the Association’.

2. Aims and objectives

i) To collectively promote members’ security shredding and confidential data destruction services at local and national levels.

ii) Offer member services for the secure destruction of all data including paper, tape, acetate, film and electronic media.

iii) Have a broad membership to ensure effective representation of all areas of the United Kingdom and Ireland.

iv) Ensure that members are committed to offering a service that is appropriate to customers’ requirements.

v) Offer advice and assistance to external organisations requiring disposal and destruction of confidential documents and data.

vi) To rigorously enforce the standards set by the Association across all members. vii) Establish and maintain high standards of service and performance throughout the security shredding industry.

viii) Liaise with government and other legislative, authoritative and regulatory bodies at local, national and international levels to establish, maintain, improve and enforce the highest standards of operation and best practice throughout the industry.

3. Standards

3.1. Compliance

All members must comply with the requirements of the UKSSA Code of Practice, the Data Protection Act, BS EN 15713 and BS 7858. Where there is a conflict, the UKSSA Code of Practice will take precedence.

3.2. Building security

i) The destruction process must be in secure isolation from any other processing.

ii) Buildings must be of a secure nature and have high security locks with restricted access to unauthorised personnel at all times.

iii) All unprocessed material must be stored in secure facilities.

iv) Buildings should comply with all relevant fire and safety regulations.

v) Buildings involved in the destruction or storage of confidential material must be alarmed.

vi) Premises must have full time closed circuit television monitoring systems and/or an appropriate level of on-site security personnel, and must comply with the current Data Protection Act.

3.3 Secure collection containers

i) All containers used must be lockable or sealable.

ii) Numbered seals will be provided on customer request.

3.4 Mobile shredding operations

Where a member operates mobile shredding units, the confidential material should not be moved to facilities that are remote from the client’s location. Vehicles should meet the following requirements:

i) Vehicles must be clean and presentable at all times.

ii) Vehicles must have a rigid box body.

iii) Vehicles must be fitted with lockable and/or sealable doors.

iv) Vehicles must be capable of communicating with base during operation.

v) Vehicles must not be left unattended when unprocessed confidential material is on board.

vi) Vehicles must be fitted with an insurance approved immobilising device that functions whilst material is being processed.

vii) Vehicles must conform to the shred size as set out in 3.7 SHREDDING, below

3.5 Transport

i) Vehicles must be clean and presentable at all times.

ii) Vehicles must have a rigid box body or secure container capable of accommodating all security sensitive materials.

iii) All vehicle doors must be lockable and vehicle bodies sealable.

iv) Vehicles must not be left open or unlocked whilst unattended, keys must never be left in the vehicle.

v) Vehicles must be capable of communicating with base during operation.

vi) Vehicles must be fitted with an alarm or immobiliser.

vii) Sub-contractors must comply with UKSSA standards at all times. It is the duty of the member to ensure sub-contractor conformity.

3.6 Security & audit trail

Material collections and deliveries will be documented at all stages of the process, through to the issue of a Certificate of Destruction after the material has been shredded, to provide an audit trail as clear proof of service completion. A contract must exist between the data controller and the processor in line with the requirements of the Data Protection Act Regulations.

3.7 Shredding

All members must have the availability of shredding equipment to meet the following:

i) Shred size of no greater than 22mm OR total destruction

ii) Members should ensure all material is destroyed within 24 working hours of collection.

3.8 Personnel

i) Members must ensure their integrity by vetting employees directly involved in any aspect of their shredding/destruction operation to BS 7858.

ii) Personnel must have received the necessary training and hold appropriate qualifications to ensure they are competent in all aspects of their work.

iii) Identity passes must be issued and worn by all employees at all times. Passes should include a recent photograph of the employee, employee’s name, position, company name and contact telephone number. Passes should bear an expiry date of no greater than 3 years.

iv) Drivers must be suitably attired with smart safety clothing.

v) All personnel involved in the security shredding and/or confidential data destruction departments of the business must have signed a confidentiality agreement.

3.9 Insurance

i) All members must have a minimum £5,000,000 public & products liability and £10,000,000 employers’ liability insurance.

3.10 Inspections

i) Members will subject themselves to vetting by an UKSSA appointed independent security consultant to ensure compliance with UKSSA standards. Upon successful completion a Certificate of Conformity will be issued.

ii) Members must be compliant with the current Data Protection Act and BS EN 15713.

iii) Members must be registered with the Environmental Agency under the Duty of Care Waste Regulations.

iv) Any member holding national contracts has the right to inspect sub-contractor members at any time.

iv) Members must provide the facility for customers to inspect all security shredding facilities at mutually convenient times.

3.11 Environmental care

i) All shredded material should be disposed of in an environmentally responsible manner.

ii) All processes should have as little detrimental impact on the environment as possible.

4. Management

The management of affairs of the Association shall be vested in an Executive Council consisting of:

i) Chairman, Vice Chairman, Treasurer and Secretary.

ii) All full members and/or their representatives.

iii) The Chairman, Vice Chairman, Treasurer and Secretary will be elected annually from among full members of the Association and the term of office shall be one year.

5. Proceedings

i) The Association Executive Council shall meet monthly, or at such intervals as may be convenient for the relevant business dealings and meetings shall be held at places determined by the Executive Council.

ii) The quorum for the Executive Council’s business shall be not less than 50%.

iii) At such meetings, each fully accredited member shall have one vote and all resolutions and decisions of the Executive Council shall be made by a simple majority of votes cast. In the event of a tied vote, the chairman of the meeting shall hold the casting vote.

6. Membership

i) To have qualification, members must be actively involved in the process of security shredding and have facilities available to meet the standards as set out by the Executive Council.

ii) Members may only be elected or expelled with the full agreement of the Executive Council.

iii) Members may resign from the Association at any time by giving 6 months written notice. There will be no refunding of membership/audit fees upon resignation or expulsion.

iv) Any person or corporate body wishing to join the Association must hold the necessary qualifications and have two full Association members to propose and second any nomination in writing to the Chairman or Treasurer.

v) The Association, at its discretion, may determine the maximum number of members of UKSSA and declare membership closed whenever it may think fit.

7. Promotion

i) Only fully accredited members will be able to declare or represent themselves as members of the Association.

ii) Only fully accredited members will be able to use the Association logo, namestyle, literature or other forms of communication.

iii) Only fully accredited production locations will be listed on the UKSSA website.

iv) Members should not use the UKSSA logo, namestyle, literature or other forms of communication to imply that member operations are fully accredited to UKSSA unless each operation is fully accredited to the UKSSA Code of Practice through independent audit.

v) Any member acquiring a new security shredding operation should not imply that this operation is fully accredited to the UKSSA Code of Practice under their Membership of UKSSA until an independent audit of the new operation has been carried out against the UKSSA Code of Practice.

vi) Any Member acquiring a new security shredding operation that has already been fully accredited to the UKSSA Code of Practice through independent audit can continue to imply that the operation is fully accredited to the UKSSA Code of Practice dependent on the frequency of audit for that operation being maintained in line with the UKSSA Code of Practice.

vii) Fully accredited Members should not use the UKSSA logo, namestyle, literature or other forms of communication to monopolise internet search engine listings.

8. Amendments to the rules

i) These rules may be modified, varied or supplemented as necessary by the Executive Council in the Association meetings.

Become a UKSSA member

Get in touch with our team

Find out more about the benefits of UKSSA membership.