When you decide to upgrade to new hardware and get rid of outdated computer equipment, it is essential that you do so in keeping with all applicable environmental and privacy laws, so as to protect yourself, your clients, and the environment. This means developing policies and working with partners that create a clear chain of custody, not to mention proof of proper destruction and recycling. Here are a few tips to set up a proper chain of custody for electronic data destruction.
Your Chain of Custody Policies
If you’ve seen legal dramas on TV, you’ve probably heard the term “chain of custody” before. It’s what the police and legal authorities use to describe the proper handling of crime scene evidence, insomuch as the whereabouts of evidence are documented from the moment it is collected until it reaches the courtroom (and beyond).
For businesses, chain of custody has a similar meaning, and it, too, can have legal ramifications. There are laws in place to protect consumer privacy, as well as the environment. As a business owner, you are beholden to these laws, and failure to comply can result in a variety of penalties. Even worse, compromising confidential customer data could lead to identity theft and lawsuits for negligence, not to mention a major hit to your reputation.
A reliable chain of custody helps to minimize the risks for these unfortunate outcomes. When you have proof of ownership, destruction, and recycling, you should be able to avoid the potential for data breach and show proof that you followed applicable laws, should you come under suspicion of wrongdoing.
This begins with creating internal policies for proper handling of any electronic equipment slated for destruction – particularly computer hard drives or other devices containing sensitive data. Many companies elect to add bar codes to all equipment for easy internal tracking.
You should also have locked storage areas under video surveillance to ensure that devices containing sensitive data aren’t up for grabs. It’s a good idea to assign equipment management duties to an employee, such as a facilities manager, who will be responsible for storing and eventually transferring equipment to a reliable data destruction partner.
Choosing the Right Electronic Data Destruction Partner
Most companies simply don’t have the resources to devote to proper electronic data destruction and recycling efforts in-house, which is why it’s so important to choose a reputable partner. You’ll want to choose a vendor prepared to comply with all applicable privacy laws, including HIPAA, FACTA, and so on, as well as environmental recycling laws. Choosing a National Association for Information Destruction (NAID) certified is wise, and will help to ensure the highest level of service.
Look for a vendor that offers security features like secure pick-up and transportation; on-site facility surveillance, 24/7 site monitoring, and checkpoints; an online customer portal that allows you to track the data destruction process; and Certificates of Destruction and Recycling upon completion of every job. When you need the best partner in electronic data destruction for your Sioux Falls area business, contact SEAM at 605-274-SEAM (7326).