How do I document records destruction and create a certificate of destruction?
Documenting destruction is what turns the routine disposal of records into a defensible process. Without proof, an organization cannot show that records were destroyed legitimately rather than lost, hidden, or removed improperly. A certificate of destruction is the formal record that captures that proof.
Destroy only what is authorized
Documentation starts before anything is destroyed. Confirm each record has met its retention period under an approved retention schedule, and verify there is no active legal hold, audit, investigation, or open records request that would suspend disposition. Destruction carried out while a hold is in effect can carry serious legal consequences. Only records that are eligible and free of any hold should move forward.
For background on schedules and disposition authority, see the fundamentals topic hub.
What a certificate of destruction should capture
A certificate is a concise, signed record documenting that authorized destruction occurred. It generally includes:
- Description of the records — series or category, format (paper, electronic, media), and date ranges, identified well enough to show what was covered without listing every item.
- Authority for destruction — the retention schedule or disposition authority that permitted it.
- Date and location of the destruction.
- Method used — for example shredding, pulping, incineration, or secure data/media sanitization.
- Personnel involved — who authorized, who performed, and any witness or third-party vendor.
- Confirmation of completeness — a statement that the listed records were fully and irreversibly destroyed, with signatures.
Match the method to the sensitivity
The destruction method should be appropriate to the content. Routine records may need only standard shredding or deletion, while confidential, personal, or otherwise protected information warrants secure destruction and verified media sanitization so the data cannot be reconstructed.
Treat the certificate as a record
The certificate itself is a record of the disposition and should be retained according to your schedule, often well beyond the life of the destroyed records, so the organization can demonstrate compliance later. Keep certificates organized and retrievable.
Build it into a repeatable process
Sound practice, consistent with recognized records management standards, treats destruction as a controlled, documented step in the records lifecycle rather than an afterthought. Standardize your certificate template, require sign-off before disposal, and log every destruction event so the organization maintains a complete, auditable history of what was destroyed, when, and under what authority.
Sources & further reading
Authoritative government and non-profit references.
- Records management policy and guidance — National Archives (NARA)
- ISO 15489-1 Records management — ISO
How to cite this page
APA
RM University Editorial. (2026). How do I document records destruction and create a certificate of destruction?. Records Management University. https://www.recordsmgmt.org/questions/how-to-document-destruction-and-create-a-certificate-of-destruction/
MLA
RM University Editorial. "How do I document records destruction and create a certificate of destruction?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/how-to-document-destruction-and-create-a-certificate-of-destruction/.
Related questions
- An employee left and had work records saved only on their personal phone or laptop — how do we recover them?
- Are the outputs of generative AI tools like ChatGPT and Copilot considered records that have to be retained?
- Can a company use a single global retention schedule across multiple countries or do different national laws force separate ones?
- Can an employee be personally fined or fired for deleting records they were supposed to keep?
- Can blockchain make records tamper-proof, and does an immutable ledger satisfy recordkeeping and retention requirements?