Which statement describes a valid method for destroying hard-copy materials containing cardholder data under PCI DSS requirements?

Multiple Choice

Explanation:
Hard-copy cardholder data must be destroyed in a way that makes the information unreadable and irrecoverable. Secure destruction methods like crosscut shredding, incineration, or pulping achieve this by breaking the paper down so the data cannot be reconstructed. Storing destroyed materials in unsecured bins delays disposal and leaves data exposed, which is not compliant. Reusing shredded paper for packaging could still reveal fragments containing cardholder data, so it doesn’t meet the requirement for permanent destruction. Scanning the documents and deleting digital copies addresses electronic records, but it does not destroy the physical paper, which would still contain sensitive data until properly destroyed.
