ARCHIVED Destruction of Sensitive Information

Attention! We’ve Moved! The Supply Manual has moved to the CanadaBuys website. Check out the new landing page for the Supply Manual.

Attention! We’ve Moved! The SACC has been archived and moved to the CanadaBuys website. Check out the new landing page for the archived SACC manual

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Item Information

Policy Notification ID
PN-40
Associated SM version
1999-2
Associated SACC Manual version
1999-2
Effective date
1999-04-06
Pilot policy
No

After a recent situation in the Pacific Region, the Corporate Security Division (CSD) and Industrial Security Division (ISD) have developed interim procedures and clauses to be used by procurement officers in contracting for the destruction of sensitive information.

Legal Services have completed review of the clause and it has been included in a joint communication document between CSD and ISD which was mailed in February, 1999, to Regional Directors of Supply, Headquarters Materiel Management, the Regional Managers of Security and Regional Field Industrial Security Officers.

The present document has 4 divisions:

Supply Manual Policies and SACC Manual Clause

Annex A: Classification Levels of Shredders

Annex B: Request for Non-Accessioned Disposal

Annex C: Security Requirements Check List (SRCL)

The present Policy Notification has been prepared as an interim measure. Related changes to the Supply Manual and the SACC Manual will be incorporated in the next amendment, both to be released in December 1999.

Destruction of Sensitive Information

Corporate Security Technical Standard

SUPPLY MANUAL POLICIES

A Introduction

The Government Security Policy (GSP) states that sensitive (classified and designated) information for which the retention period approved by the National Archivist has expired, and that does not have a historical or archival value, should be promptly destroyed. The associated Physical Security Standard (Chapter 2-2 of the Treasury Board Manual, Security) affirms that sensitive non-electronic information must be destroyed using equipment listed in the Security Equipment Guide.

Exception: Low sensitive designated information may be discarded after hand shredding. This technical standard sets out the procedures for the destruction of sensitive information in Public Works and Government Services Canada (PWGSC).

B Internal Shredding

Destruction of Classified Information and Designated Protected "C" Information

1. a) Classified information marked Secret or Top Secret or designated Protected "C" must be destroyed using Type II destruction equipment which reduces paper assets to a maximum of 1x14.3mm (Annex A).

1. b) Classified information at the Confidential level must be destroyed using Type III equipment which reduces paper fragments to a maximum of 5mm in width and any length (Annex A).

2. Classified information and information designated Protected "C" are to be destroyed only within the department.

3. An approved shredder must be used to shred sensitive information (see: RCMP Security Equipment Guide SSB/SG-20).

4. A label is to be affixed to the shredder indicating the highest level of sensitive information that can be destroyed by this equipment. The label will also include information on the nearest phone number for emergency repair and the nearest location and contact name for alternate similarly approved shredding equipment.

5. Information awaiting destruction must be safeguarded in the same manner prescribed by the highest level of classified or designated information involved in the destruction process.

6. Sensitive information awaiting destruction is to be kept separate from other information awaiting destruction.

7. The client department shall ensure that only designated material no higher than Protected B level is provided to the Contractor for destruction under any resulting Contract.

Destruction of Designated Information

1. Based on guidelines in the GSP and the varied nature of designated assets at the Protected "A" and "B" levels among different government departments, destruction levels for these assets are left to individual departments based on a threat and risk assessment (TRA). Notwithstanding, most government departments group the Protected "A" and "B" assets with Confidential assets and use Type III approved equipment which reduces paper assets to a maximum of 5mm in width and any length (Annex "A").

2. An approved shredder must be used to shred sensitive information (see: RCMP Security Equipment Guide SSB/SG-20).

Exception: Low sensitive designated information (Protected "A") may be discarded after hand shredding.

3. A label is to be affixed to the shredder indicating the highest levels of sensitive information that can be destroyed by this equipment.The label will also include information on the phone number for emergency repair and the nearest location and contact name for alternate similarly approved shredding equipment.

4. Information awaiting destruction must be safeguarded in the same manner prescribed by the highest level of classified or designated information involved in the destruction process.

5. Sensitive information awaiting destruction is to be kept separate from other information awaiting destruction.

C Exterior Bulk Destruction

(includes National Archives and Contractors' Premises)

1. No PWGSC classified information or Protected "C" designated information is to be forwarded for destruction outside the department.

2. When sensitive designated (Protected "A" and Protected "B") information is being forwarded for destruction, at the National Archives or a Contractor's premises the following applies:

  1. Information awaiting destruction must be safeguarded in the same manner prescribed by the highest level of classified or designated information involved in the destruction process.
  2. A Type IV approved equipment which reduces paper assets to a maximum of 5mm in width and any length (Annex "A") is required (see: RCMP Security Equipment Guide SSB/SG-20).
  3. A Request for Non-Accessioned Disposal (ARC 0203 (r.88.07)) (Annex B) is to be completed for the destruction of sensitive documents. The upper half is to be completed by the originator of the request for destruction. The bottom section, Certificate for Destruction, should be completed by the Federal Records Center of National Archives Canada or by the contractor. It includes the date of destruction and signature of the authorized person who witnessed the destruction.
  4. The Canadian and International Industrial Security Division (CIISD) issues the Facility Security Clearance (FSC) for Contractors performing sensitive government destruction at their facilities, on behalf of PWGSC and its clients.
  5. CIISD ensures the client's requirements for handling, storing and transportation of the waste material at the Contractor's facilities are met in accordance with established security policies and standards.
  6. Verification of the security screening of Contractor personnel can be obtained from CIISD.
  7. Information is to be destroyed on site, and under no circumstances is the waste material to be sold before it is shredded.

PROCEDURES

Mobile Destruction

The Regional Manager of Security (or, for the National Capital area, the local security representative) is to be contacted any time mobile shredding is being considered.

1. No PWGSC classified information or designated Protected "C" information is to be forwarded for destruction outside the department.

2. Information awaiting destruction must be safeguarded in the same manner prescribed by the highest level of classified or designated information involved in the destruction process.

3. Sensitive designated information awaiting destruction is to be kept separate from other information awaiting destruction.

4. The CIISD conducts personnel security screening on the Key Senior Management of the Contractor, but the operators of the mobile shredding equipment are not cleared.

5. Verification of Key Senior Management security clearances can be obtained from CIISD.

6. Information is to destroyed at the departmental site.

7. The departmental organization is responsible for collecting and delivering its information to the destruction equipment on the departmental site.

8. An employee of the departmental organization who is cleared to the same level as the information being destroyed must be present to monitor the destruction process.

9. The departmental employee should ensure that extra paper is run through the disintegrator to prevent sensitive information being left in the machine.

10. The Regional Manager of Security (or, for the National Capital area, the local security representative) is to ensure that equipment conforms with approved size standards and that the cutter is functioning properly by testing several sheets of waste paper.

11. a) The following is the criteria for Mobile Disintegration:

  1. Equipment is approved for the destruction of Confidential information and designated information up to and including particularly sensitive when it is fitted with a 3/8 inch security screen.

b) The following are minimum recommendations when contracting mobile shredding companies:

  1. specify in the contract clause the requirement for paper assets to be reduced to a maximum of 5mm in width and any length (Annex "A") and request a sample before issuing the contract.
  2. verify the residue (if questionable, forward to Corporate Security for RCMP verification of whether the equipment being used is satisfactory) and obtain a sample for future reference.
  3. if the destruction is done in multiple batches or over a number of days, hourly samples should be taken.

12. The Certificate for Destruction should be completed by the company. It is to include the date of destruction and signature of the authorized person who witnessed the destruction.

13. Please have questions directed to the Manager, Corporate Security.

SACC MANUAL CLAUSE

F2036D (__/__/99) Security Requirements

1. The attached Security Requirements Check List (SRCL) identifies the security requirements for the destruction of designated information at the Protected A and B levels using approved shredding equipment on the Contractor's premises.

2. The Contractor shall, at all times during the performance of the Contract, hold a valid Designated Organization Screening (DOS), with approved Document Safeguarding at the level of Protected B, issued or approved by the Canadian & International Industrial Security Division (CIISD) of the Department of Public Works and Government Services Canada.

3. Contractor personnel who will perform the shredding services and/or who will require access to designated information, assets or sensitive work sites shall each hold a valid Enhanced Reliability screening, granted or approved by CIISD.

4. Should the Contractor choose to utilize the services of mentally challenged individuals, then Enhanced Reliability screening will not be required, however, these individuals shall be under the constant supervision of an authorized company representative who shall hold the required level of Enhanced Reliability screening.

5. The Contractor shall comply with the provisions of:

  1. the Security Requirements Check List (SRCL), attached at Annex C which includes a Security Guide.
  2. the Industrial Security Manual (June 1992). 

CLASSIFICATION LEVELS OF SHREDDERS

The following lists the classification levels of shredders as defined in the Destruction in the National Interest (DNI) Test Standard. Figures 1 and 2 illustrate these definitions, where Samples 1 and 2 areactual examplesofType II and Type III Shredder chaff.

TYPE II

A single piece of residue shall be no greater than1.00 mm in width and 14.3 mm in length, provided there is no more than one complete alphanumeric character from any one line, and no more than one complete alphanumeric character from the one immediately above and below the said line. Consistent with the foregoing, there shall not be more than three (3) complete alphanumeric characters*on any one piece of residue.

FIGURE 1
Actual examples

SAMPLE 1
1.00 mm in width and 14.3 in length,
See below actual size

NOTE : *An alphanumeric character in this standard cannot be smaller than 15 cpi with 6 lpi

TYPE III

A single piece of residue shall be no greater than 5.0 mm (0.20 inch) in width and any length, providing there are no more than three complete alphanumeric characters* on any one line.

FIGURE 11 
Actual examples

SAMPLE II 
5.0 mm (0.20 inch) in width and any length, 
See below actual size

NOTE: *An alphanumeric character in this standard cannot be smaller than 15 cpi with 6 lpi. Annex B Annex C

Annex B

Annex C

1.

2.

3.

4.

Feedback about this web site