It is a fact that every device in your organisation that stores data about people represents a potential risk to data security should it fall into the wrong hands and leak data that should have remained confidential. When it’s time to dispose of that asset, the potential risk increases greatly once the device leaves your control.
Organisations are legally bound to protect the data that they store about members of the public, including restricting the geographic locations where it may be stored. However, the lurid headlines about data loss by major corporate names indicate that many are not executing this duty of care adequately. Discarded PCs, laptops and servers are all too frequently a rich harvesting ground for criminal elements because data has not been properly sanitised from hard disks.
"Wiping" means many things to many people, but modern forensic techniques can recover data from media that was believed to have been wiped. You need to have it sanitised professionally and certified, or even physically destroy the media into tiny chunks. Not doing so lays a company open to potential breach of regulations with the attendant reputational and severe financial penalties.
Tracking And Chain Of Custody
Most companies of any size nowadays deploy a computerised asset tracking system. That has many benefits over and above the obvious one of feeding into the assets section of the balance sheet. It can also act as a historical repository of event activities for an asset, right though to disposal together with appropriate certificates to prove that it was disposed of in compliance with all data and environmental regulations.
From the point at which an asset is physically handed over to a third party for disposal and moves outside your control, it is critically important to obtain ironclad certification about every activity that it underwent. Picture an investigation that appears to indicate that your company was negligent in some way in its asset disposal processes.
You would need to be able to fall back on irrefutable proof that you did everything by the book and maintained complete compliance with all regulations. That means the asset disposal company you choose to partner with must operate to the very highest professional and best practice standards. Your company’s reputation could depend on it.
Environmental Responsibilities And Preventing Landfill
The disposal of electronic waste (e-waste) is subject to the Waste Electrical and Electronic Equipment (WEEE) regulations. This was an EU initiative designed to divert as much waste as possible from entering landfill. Computer components have many toxic substances including things like mercury and cadmium (and a whole lot more) that simply should not be allowed to leach back into the water table. It is illegal to dump e-waste in landfill and every company should also strive to ensure that problem is not simply moved to a third world country and dumped in landfill there.
When disposing of assets, you simply must be able to provide proof that your equipment did not end up in landfill and was not just shipped out of the EU to avoid regulations. The financial and reputational penalties are enormous in this environmentally conscious age. Therefore it makes absolutely perfect sense to engage a professional asset disposal company that will underwrite guarantees of full compliance.
In our efforts to continually improve our service, we have attained a number of accreditations and certifications that underline our professional standards. These include:
- ISO 9001 and ISO 14001
- Environment Agency approved Waste Removal Service
Contact us today to discuss your asset disposal requirements. Our specialist facilities and people are fully secure and adhere to the very highest standards and best practice. That provides you with the security and assurances you need that a compliance officer will never come knocking on your company’s door with a complaint to be investigated.