Supporting performance-based provisions for protecting forest ecosystem health, conserving biodiversity, protecting soil and water resources, safeguarding areas of significant ecological or cultural value, protecting the rights of indigenous peoples and ensuring sustainable yields is consistent with RRD's sustainability principles.
To that end, RRD is committed to implementing, maintaining and offering our customers raw material supply options that may include, but not be limited to, chain-of-custody certifications by the Forest Stewardship Council®, Sustainable Forestry Initiative®, and Programme for the Endorsement of Forest Certification Schemes.
RRD's multi-site SFI chain of custody certification means that RRD can offer its customers the choice to use SFI certified paper(s) and display the SFI logo on their finished product, demonstrating that they support responsible practices that play a critical role in ensuring the long term health of our forests.
PEFC (Programme for the Endorsement of Forest Certification schemes) is an independent, non-profit, non-governmental organization, founded in 1999, which promotes sustainably managed forests through independent third party certification.
The International Standards Organization 14001 certification is designed to provide a tool to allow a site to control the environmental impact of its activities, products or services, and to continuously improve its environmental performance. This distinction means this site has exemplary environmental, health and safety programs.
The AICPA Service Organization Control (SOC) 2 audit defines an organization’s adherence to the AICPA Trust Principles. RRD adheres to three AICPA Trust Principles: Data Security, Data Confidentiality, and Data Availability, and was among the first companies to transition to the SOC2/AT101 audit framework. RRD has completed the SOC2 audit or its SAS70 predecessor for nearly all of its facilities every year for more than a decade.
The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) was created in an effort to define an industry standard for the certification of security and privacy controls for Protected Health Information (PHI). RRD is committed to meeting the needs of an evolving healthcare industry. In addition to being among the first to undergo an assessment of the CSF controls through a SOC2 audit, which covered more than 20 of its facilities in the first year, RRD is a founding member on the HITRUST Business Associate Advisory Council.
The U.S. Department of Commerce (USDC) grants the Safe Harbor Certification to companies that are in compliance with the European Union (EU) Data Privacy Directive, which provides regulatory requirements for the protection of the personal information of EU citizens. The EU Directives prohibit the transfer of personal data to countries that do not have comparable regulatory requirements. Nearly all RRD facilities in the U.S. are registered as Safe Harbor certified with the US Department of Commerce.
The International Organization for Standardization (ISO) 27001 is both a framework and a certification for an organization’s information security program. The ISO 27001 assesses an organization’s policies, procedures and controls across 11 domains. RRD has adopted the ISO 27001 framework for its information security program, and has obtained ISO 27001 certification for 12 select locations.
The Payment Card Industry Data Security Standard (PCI DSS) is a formal and stringent data security standard for the processing, storing and transmitting of credit card information. PCI-compliant environments are strictly isolated and adhere to rigid rules for data flow in and out of the environment and tight restrictions on who can access the environment. RRD maintains 15 PCI-compliant facilities globally to meet customer needs.
The Occupational Health and Safety Assessment Specification (OHSAS) 18001 is earned by sites that have implemented safety and health management systems to make safety more efficient and integrated into overall business operations.
*SASST = Sistema de Administración de la Seguridad y Salud en el Trabajo, the Mexican Labor Secretariat (STPS) certification for accreditation of the management system and security in the workplace.
The International Standards Organization (ISO) 9001 certification is designed to assist organizations, of all types and sizes, to implement and operate an effective Quality Management System, where an organization needs to demonstrate its ability to provide products that fulfill customer and applicable regulatory requirements and aims to enhance customer satisfaction. RRD sites use ISO 9001 as the basis for continual improvement initiatives related to the quality of Products and Services.
The International Standards Organization (ISO) 27001 certification is designed to assist organizations in establishing and maintaining an effective information management system including principles for governing the security of information and network systems. The implementation of this standard is intended to provide the foundation for continual improvement in the management of information systems at RRD sites and is harmonized with other management standards, such as ISO 9001 and ISO 14001.
The International Standards Organization (ISO) 13485 is designed to specify requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.
Phone: 1.312.326.8000 Fax: 1.312.326.8001
35 West Wacker Drive Chicago, Illinois 60601