Certified Computer Recycle Center Providing E-Waste, IT Asset Management & Data Destruction Services
Call: 855-626-3472

Compliance

Know Your Risks and Obligations regarding Data Destruction on old Computers

Why Information on retired computers must be properly destroyed?

  • IT’S THE LAW – There are strict laws requiring you to prevent unauthorized access to the personal information on discarded computers.
  • FINES – Over the last 2 years alone, there has been in excess of $10,000,000 in fines for improperly discarding sensitive personal information, not to mention scores of embarrassing headlines.
  • BREACH NOTIFICATION – Legally required notification of clients when there is a data breach can cost tens of thousands of dollars and much, much more in lost customer confidence and future business.
  • ETHICS – You have an ethical obligation to your clients and stakeholders to properly destroy personal and proprietary information when discarding or transferring ownership of old computers.

THE SOLUTION:

Use A Qualified, Certified e-Waste Contractor for e-waste management and Information and data Destruction

WHY OUTSOURCE?

Information destruction methods for computers are best left to someone who knows what they are doing. Even professionals
have to recheck their work with forensic systems to verify destruction. Self-administered procedures are far more likely
to be ineffective. Further, authorities do not look kindly upon those who cut corners on information destruction.

THE MOST IMPORTANT DECISION

When decommissioning old computers, your most important responsibility is to make sure you are dealing with a reputable
company that puts information destruction first. A qualified contractor will help you determine if Sanitization, Secure Erase,
Degaussing or Physical Destruction is the best destruction process for any particular circumstance.*

FINDING QUALIFIED COMPANIES

Companies qualified to remove information from old computers with the assurance you need have some things in common.

  • They encourage you to visit their operation even when it’s a surprise.
  • They effectively control unauthorized access to their facilities.
  • They track the serial numbers on the computers and/or hard drives and have a complete physical and documented audit trail in place.
  • They have a documented quality control program to verify the effectiveness of the destruction process on an ongoing basis.
  • They have documentation that shows where they send the processed remains of the equipment.
  • They screen their employees and do not employ individuals with a known related criminal history.
  • They issue a certificate of destruction that addresses the who, where, when and how” of the destruction process.
  • They demonstrate their dedication to proper information destruction through membership in NAID

SOME HEADLINES PLUCKED FROM THE NEWS AND THE DUMPSTER!

A Michigan hospital operator is fined $1 million for disposing of patient information without the proper security measures in place.
(Reported by the Detroit Free Press on October 1, 2007)

The Attorney General of Kentucky conducted an investigation showing that 33 out of 121 dumpsters of local businesses contained more than 500 records containing personal information.
(Reported by Lexington, Kentucky-based, WTVQ on Oct 30, 2007)

The US Federal Trade Commission fined a medium-sized mortgage brokerage company $50,000
for discarding client financial information without properly destroying it first.
(Reported by www.ftc.gov on December 18, 2007)

The Attorney General of Texas filed charges against a medical facility for discarding patient information without destroying it first. According to reports, the fines could reach over $1 million.
(Reported by Lubbock Avalanche-Journal, January 11, 2008)

Indiana’s Attorney General filed complaints on August 31, 2007 with the Indiana Pharmacy Board against 14 Indianapolis-area pharmacies and 14 individual pharmacists for failing to protect sensitive patient medical information that was put in dumpsters prior to being destroyed.
(Reported by Legalnews.com on September 20, 2007)

The Ohio Bureau of Motor Vehicles fired a Deputy Registrar heading one of its regional offices when it was discovered that drivers’ personal information was discarded in the dumpster without being shredded first.
(Reported by Cleveland, OH-based WKYC on September 13, 2007)

A Hawaii-based escrow firm is fined $10,000 for improperly disposing of 39 boxes of records containing thousands of customers’ Social Security Numbers and other financial information by placing the boxes in a dumpster.
(Reported by Pacific Business News on July 19, 2007.)

(Reference Source: http://www.naidonline.org/nitl/en/index.html)

 
Read More Details About

 

Read More Details About

The Red Flags Rule

HIPAA & Protected Health Information Destruction

Organizational Training on Information Destruction Rules