What are the biggest red flags when choosing a scanning company?

The most significant warning signs are: no ISO certifications, no Data Processing Agreement available, refusal to allow facility visits, unclear pricing with hidden costs, no ultrasonic multi-feed detection, no described QA process, vagueness about equipment, no client references, long lock-in contracts with penalties, and claims of 100% accuracy without described verification. Any of these should prompt further investigation before committing.

How can I tell if a scanning provider is hiding costs?

Ask for a total project cost including everything: document preparation, scanning, OCR, quality assurance, collection and return, output media, indexing and project management. If the provider quotes only a per-page rate, ask what is excluded. Compare total project costs rather than per-page rates. A seemingly cheap per-page quote that excludes preparation and QA often ends up more expensive than an inclusive higher rate.

Red Flags When Choosing a Document Scanning Provider

Most scanning providers present well on their websites. Professional photos, reassuring language about quality and security, competitive pricing. But appearances can be misleading, and committing your documents — and your data protection obligations — to the wrong provider can be costly and risky. These are the specific warning signs that should make you pause and ask more questions before proceeding.

No ISO Certifications

ISO 9001 (quality) and ISO 27001 (information security) are the baseline certifications for a professional scanning operation. If a provider does not hold either, it means their processes and security have not been independently verified. They may still do good work, but you have no external assurance that they do.

Be specific when checking: ask for the certificate number and check it is current. Certificates expire and are not always renewed. A provider displaying an expired ISO certificate is arguably worse than one that never held certification — it suggests standards have slipped.

No Data Processing Agreement Available

Under GDPR, a Data Processing Agreement is a legal requirement when a third party processes personal data on your behalf. If a scanning provider cannot immediately provide their standard DPA — or claims they do not need one — this is a serious red flag.

It suggests either a lack of understanding of their legal obligations or a deliberate avoidance of formal data protection commitments. Either way, it means your data protection compliance is at risk if you use them.

Reluctance to Allow Facility Visits

A reputable scanning provider should welcome visitors. Their facility is a selling point — clean, organised, secure, well-equipped. If a provider consistently defers or refuses visit requests, ask yourself what they do not want you to see.

Legitimate reasons for limited access exist — capacity constraints, scheduled maintenance, active high-security projects. But a blanket refusal should concern you. At minimum, a provider should be able to arrange a visit within a reasonable timeframe.

Unclear or Misleading Pricing

Scanning pricing should be transparent. A per-page rate that seems attractively low may exclude:

Document preparation (staple removal, unfolding, sorting) — often the largest cost component
OCR processing
Quality assurance beyond basic spot-checking
Collection and return transport
Output media (USB drives, cloud storage)
Indexing beyond sequential numbering
Project management

A quote of 3p per page that excludes preparation might actually cost 12-15p per page once all the extras are added. Ask for a total project cost that includes everything. If the provider cannot or will not provide this, their pricing is not transparent.

No Multi-Feed Detection

Multi-feed detection (using ultrasonic sensors to detect when two pages pass through together) is the single most important quality control in production scanning. Without it, pages are missed silently — your archive looks complete but has gaps.

If a provider does not mention multi-feed detection, or claims it is unnecessary, they are either using consumer-grade equipment or prioritising speed over accuracy. Either way, you risk receiving an incomplete archive.

No Described QA Process

Ask every provider: what is your quality assurance process? If the answer is vague — “we check the scans” or “our operators are very careful” — there is no systematic QA. A professional provider should be able to describe their QA process in specific terms:

What percentage of images are reviewed (100% or a sample)?
Who reviews them (the scanner operator or a separate QA team)?
What are the QA criteria (completeness, legibility, indexing accuracy)?
How are failures handled (re-scan, re-index, client notification)?
Are QA results documented and available for review?

Vague About Equipment

A provider who is proud of their equipment will tell you exactly what they use — makes, models, capabilities. A provider who is vague or evasive about their equipment may be using inadequate machines. Ask specifically:

What make and model of production scanners do you use?
What is your scanning speed and daily capacity?
Do you have large-format and flatbed scanning capability?
What capture and OCR software do you use?
How often is equipment calibrated and maintained?

If the answers are vague — “we use industry-standard equipment” — press for specifics. A provider who cannot name their scanners either does not know or does not want you to know.

No References

A scanning provider with a track record of successful projects should be able to provide references from satisfied clients — ideally from projects similar in size and type to yours. If a provider cannot or will not provide references, they may lack experience, have unhappy clients, or both.

When you do receive references, actually contact them. Ask specifically about quality, turnaround, communication, hidden costs and whether they would use the provider again.

Long Lock-In Contracts

Scanning projects have a defined scope and timeline. There is no reason for a long-term contractual commitment with penalty clauses for early termination. If a provider wants you to sign a multi-year agreement or includes significant cancellation penalties, ask why. A confident provider does not need to lock you in — they retain clients through quality and service.

Watch for auto-renewal clauses, too. The contract should cover your specific project with clear start and end dates, not roll over indefinitely.

Claiming 100% Accuracy Without Verification

No scanning process achieves 100% accuracy. Even with the best equipment, trained operators and rigorous QA, occasional errors occur. A provider who claims 100% accuracy without describing how they verify that claim is making an unsupported marketing statement.

A credible accuracy claim looks like: “We achieve 99.5% first-pass accuracy, verified through independent QA review of every batch, with a re-scan and correction process for any identified errors.” This is specific, measurable and verifiable.

Summary Checklist

Review this list before committing to any scanning provider:

Current ISO 9001 and ISO 27001 certifications (verified, not just claimed)
Data Processing Agreement available immediately
Facility visit welcomed and arranged
Transparent all-inclusive pricing with no hidden extras
Ultrasonic multi-feed detection on all production scanners
Described, systematic QA process (ideally 100% review)
Specific equipment information (makes, models, capabilities)
Client references from comparable projects
Reasonable contract terms with no lock-in penalties
Realistic accuracy claims backed by described verification processes

Get a Free Quote

Every project is different, so the best way to understand your options is to get in touch with our team. We provide clear, no-obligation advice — usually within the same day.

Call us on 01691 650355 or use the form below.