The risks that are associated nowadays with disposing of IT assets are far greater than they were just a few short years ago. Legislation surrounding data security and environmental issues carries very severe penalties for non-compliance.
A company’s reputation can lie in tatters after personal consumer data has been stolen. Businesses have to treat asset disposal as a risky endeavour and do everything possible to safeguard their own interests to the fullest.
What Are The Relevant Regulations And Standards That Demand Compliance?
There are several regulations, many guidelines and standards of best practice laid down either by the EU, the government or various practitioner bodies. The Data sections are detailed on our page Your Legal Responsibilities and you also need to be aware of environmental regulations for the Waste Electrical and Electronic Equipment Directive (WEEE), which are summarised here. The relevant data security regulations are also usefully grouped by organisation type on the Information Commissioners Office (ICO) website.
What Do We Mean By Professionals?
We mean that the company does more than offer lip service to the various standards but strives to exceed them through a thoroughly professional attitude amongst its staff.
Technical staff should be security vetted up to SC level. They should also practice compliance with these data security standards:
- Data Protection Act 1998
- HMG Security Policy Framework
- Health Insurance Portability and Accountability Act
- JSP 440 Joint Services Publication
- Sarbanes-Oxley Act (SOX)
- FACTA – Fair and Accurate Credit Transactions Act (2003)
- PCI DSS – Payment Card Industry Data Security Standards
What Happens When They Come To Dispose Of Your Assets?
1. Collecting And Recording The Assets
When they arrive at your location, the disposal company engineers will remove each asset (individually or in bulk) and immediately enter the details into a tracking database so that each asset can be securely tracked.
2. Separating Them By Data Or Non-Data
The assets are then transported securely to the company’s facility where they are separated into those that contain data and those that do not.
3. Checking For Any Market Value
Relatively newer assets can sometimes be refurbished for resale after all data has been thoroughly sanitised. If so, they will be assigned for technical testing. If not, they can be consigned to scrap processing.
4. If Refurbishment Is Practical
First, the asset is tested to see whether it works or not. If not, it consigned to scrap processing. If it is working then the data is thoroughly and professionally sanitised and the asset is either donated to a charity or offered on the market for resale.
5. Preparing For Scrap
All markings are first removed from assets that are destined for scrap. Then all data bearing components are removed, such as HDDs and so on, and physically destroyed through a secure, guaranteed, process. The components that remain in the asset are stripped back to their primary constituent parts (copper, plastics, ferrous metals, nonferrous metals) which are recycled.
Find Out More
In our efforts to continually improve our service, we have attained a number of accreditations and certifications that underline our professional standards. These include:
- ISO 9001 and ISO 14001
- WEEE
Environment Agency Approved Waste Removal Service
As a highly professional IT Asset Disposal company, we at Absolute IT uphold the highest standards to provide you with the maximum assurance that you will comply with all requirements. Contact us today to see how we can mesh with your current operation to deliver a service that mitigates all risks.
