BS EN 15713 Explained: The UK Secure Destruction Standard for 2026

When choosing a document shredding provider, you'll often see references to "BS EN 15713 compliant" or "certified to BS EN 15713:2023". But what does this standard actually mean, and why should it matter to your business?

BS EN 15713 is the European standard for secure destruction of confidential material. It sets the framework for how shredding companies should operate, from security protocols to staff vetting and destruction certificates. Understanding this standard is crucial when selecting a provider you can trust with your confidential waste.

What is BS EN 15713?

BS EN 15713 is the British and European standard (British Standard / European Norm) that specifies requirements for service providers offering secure destruction of confidential material. First published in 2009, it underwent a significant update in 2023 to reflect changes in data protection legislation and evolving security threats.

The standard covers the entire chain of custody from the moment your confidential documents leave your premises until they're completely destroyed. It applies to all forms of confidential material destruction, including paper documents, hard drives, optical media, and other data-bearing items.

Unlike manufacturing standards that focus on equipment specifications, BS EN 15713 focuses on organisational processes, security protocols, and operational procedures. It's about how a company manages your confidential waste, not just how they shred it.

Key Requirements of BS EN 15713:2023

The 2023 update strengthened several areas to align with GDPR requirements and modern security threats. Here are the core elements:

Security and Chain of Custody

BS EN 15713 requires secure handling from collection through to destruction. This includes:

• Lockable containers for document collection
• Sealed bags or bins that cannot be tampered with in transit
• GPS tracking on collection vehicles
• Documented chain of custody records
• Secure storage facilities for material awaiting destruction
• Destruction certificates issued for every collection

These requirements ensure your confidential material cannot be accessed, lost, or misdirected between your office and the shredding facility.

Staff Vetting and Training

All personnel handling confidential material must undergo security vetting. The standard requires:

• Background checks on employees with access to confidential material
• Regular security awareness training
• Confidentiality agreements signed by all staff
• Clear procedures for visitors and contractors
• Regular audits of staff compliance

This human element is critical. Even the best shredding equipment means nothing if staff aren't properly trained and vetted.

Destruction Methods and Security Levels

BS EN 15713 works alongside DIN 66399, the international standard that defines destruction security levels. For paper documents, most organisations require:

• P-3 security level: Suitable for general confidential documents
• P-4 security level: Required for sensitive personal data under GDPR
• P-5 or P-6 security levels: For highly classified or top-secret material

Cross Cut Shredding operates at P-4 security level as standard, exceeding the requirements for GDPR compliance and providing peace of mind for businesses handling personal data.

Management Systems and Documentation

Certified providers must maintain comprehensive documentation including:

• Risk assessments for all processes
• Incident reporting and management procedures
• Regular internal audits
• Management review meetings
• Continuous improvement processes
• Destruction certificates retained for specified periods

This documentation creates an auditable trail proving your duty of care obligations have been met.

The 2023 Update: What Changed?

The BS EN 15713:2023 revision introduced several important updates:

Stronger Data Protection Alignment: The standard now explicitly references GDPR requirements, making it clear that destruction services must support compliance with UK data protection legislation.

Enhanced Digital Media Destruction: With hard drive destruction becoming increasingly common, the 2023 update strengthened requirements for electronic media, including degaussing, physical destruction, and verification procedures.

Improved Traceability: The updated standard requires more detailed chain of custody documentation, including GPS tracking capabilities and real-time tracking options for high-security collections.

Climate and Sustainability Considerations: The 2023 version includes requirements for environmental management, waste hierarchy compliance, and recycling credentials—reflecting the growing importance of sustainable waste management.

Third-Party Certification Requirements: The update clarified that certification must be conducted by independent, accredited certification bodies (not self-certification), and requires regular surveillance audits.

Why BS EN 15713 Matters for GDPR Compliance

Under GDPR Article 5, organisations have a legal obligation to ensure personal data is "processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing".

When you pass confidential documents to a shredding provider, you remain legally responsible for that data until it's destroyed. If your provider loses documents or fails to destroy them securely, you could face:

• ICO enforcement action and fines up to £17.5 million or 4% of annual turnover
• Breach notification requirements to affected individuals
• Reputational damage and loss of customer trust
• Legal action from affected data subjects

BS EN 15713 certification provides evidence that your chosen provider has appropriate security measures in place. It's your due diligence defence if ever questioned by the Information Commissioner's Office.

It's worth noting that 40% of data breaches involve paper documents, not digital systems—making your choice of shredding provider just as important as your cybersecurity measures. Understanding GDPR document destruction requirements helps ensure you're meeting all your legal obligations.

What to Look for When Choosing a Provider

When evaluating document shredding services, BS EN 15713 certification should be near the top of your checklist. Here's what to verify:

Current Certification: Ask to see their certificate and check it's in date. Certificates typically require annual surveillance audits to maintain validity.

Accredited Certification Body: Verify the certification was issued by a UKAS-accredited body (United Kingdom Accreditation Service), not a self-certification or trade association membership.

Security Level: Confirm they operate at P-4 or higher for cross-cut shredding—the level required for GDPR-regulated personal data.

Destruction Certificates: Check they issue certificates after every collection, including details of quantity, date, and destruction method.

Insurance Coverage: BS EN 15713 providers should carry appropriate professional indemnity insurance for confidential waste handling.

Transparency: Reputable providers will openly discuss their compliance. If a company is evasive about certification or won't show documentation, that's a red flag.

On-Site vs Off-Site Shredding: Does the Standard Apply to Both?

Yes. BS EN 15713 applies to both on-site mobile shredding services and off-site destruction at a secure facility.

For on-site shredding, the standard requires secure mobile shredding vehicles, trained operators, and proper segregation of shredded material. The advantage is you can witness destruction, but the standard still governs what happens after the shredded material leaves your premises.

For off-site shredding, the standard covers collection containers, transport security, facility access controls, and destruction procedures. While you don't witness the shredding, the comprehensive audit trail provides assurance.

Cross Cut Shredding also offers a drop-in service at our Yeovil facility, where you can watch your documents being destroyed—combining the security of BS EN 15713 certification with the peace of mind of witnessing destruction.

Beyond Compliance: Building Trust

While BS EN 15713 certification is about meeting regulatory requirements, it also demonstrates a provider's commitment to professionalism and continuous improvement. Companies that invest in certification are typically those that take security seriously across all aspects of their operation.

Look beyond the certificate itself. Review Google reviews, check how transparent they are about pricing, and assess their customer service. A provider with 5-star reviews and 127+ testimonials, like Cross Cut Shredding, demonstrates consistent service delivery—certification proves they have the systems to maintain those standards.

Making an Informed Decision

Understanding BS EN 15713 empowers you to ask the right questions when choosing a shredding provider. It's not just a bureaucratic box-ticking exercise—it's a framework that protects your organisation from data breaches, regulatory fines, and reputational damage.

When evaluating providers:

1. Verify current BS EN 15713:2023 certification from a UKAS-accredited body
2. Confirm P-4 or higher destruction security level
3. Check they issue destruction certificates after every collection
4. Review their chain of custody procedures and GPS tracking capabilities
5. Ask about staff vetting and training programmes
6. Assess their transparency about processes and willingness to answer questions

The right provider won't just meet the standard—they'll exceed it. They'll explain their processes clearly, provide transparent pricing, and make you feel confident that your confidential waste is in safe hands. If you're evaluating what documents need shredding, professional guidance from a certified provider can help ensure nothing is overlooked.

Protect Your Business with Certified Secure Destruction

Cross Cut Shredding is certified to BS EN 15713:2023 and operates at DIN 66399 P-4 security level, ensuring your confidential documents are destroyed to the highest standards. Based in Yeovil, Somerset, we serve businesses and domestic customers across Somerset, Dorset, Wiltshire, and Devon.

Whether you need regular collections, one-off purges, or our unique drop-in service where you watch your documents being shredded, we provide the security, transparency, and peace of mind that BS EN 15713 certification represents. For detailed information about costs, see our guide on document shredding service cost.

Contact us today for a free quote or to discuss your confidential waste requirements. Call 01935 577 510 or visit crosscutshredding.co.uk to learn more about our GDPR-compliant shredding services.