ITAD and Remote Working: Compliance in the Time of COVID-19

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn

The COVID-19 pandemic poses unique challenges to businesses of all sizes when dealing with IT hardware that has reached end of life (EOL).  In the past, the main concern for IT teams was the speed of advancement that required efficient management of redundant equipment. Workers sat in an office, and equipment was on site. However, since the COVID-19 pandemic began, there has been a massive workforce shift—1.5 billion people are working remotely worldwide. And working from home is expected to be a continuing trend. 

Zip Recruiter reports that in mid-March, only 1.3% of U.S. jobs posted on their website offered remote work; as of May, 11.3% of jobs let people work away from a physical office, and that number is expected to increase. This massive change is having a huge impact on information technology asset disposition (ITAD). 

The challenge: 

How do you properly dispose of EOL equipment and the data stored on it when your workforce is distributed?

ITAD and Why It’s Important

ITAD is the responsible decommissioning, repurposing and recycling of EOL computer hardware assets, which includes proper documentation, handling and processing of assets governed and verified by independent bodies, which means you need a certified vendor.

ITAD includes:

  • Data destruction and sanitization.
  • Asset tracking and reporting.
  • Electronics recycling.
  • Logistics.

It also should meet these requirements:

  • Data security
  • Information privacy
  • Environmental protection

Depending on your company’s specific data compliance regulations—HIPAA, PCI-DSS, SEC, ISO, etc.—you will need an aggressive round of data wiping or destruction before you decommission any equipment, recommends Gartner, and it advises contracting with an experienced ITAD vendor like Aegis Solutions. 

Complete data erasure and destruction requires highly specialized software and physical tools. Aegis Solutions not only will ensure comprehensive data security, but we also will provide certification that all data was sanitized per common industry standards.

Legal Implications

Improper data destruction related to hardware recycling/remediation can leave you exposed to potential legal action—including significant fines.

For example, violating the Fair Credit and Transaction Act, which can lead to identity theft, carries a fine of $1,000 for every consumer affected in addition to any actual damages. And in some cases, the government will take the matter to court for a fine of up to $2,500 per person.

Violations of the Health Insurance Portability and Accounting Act by improper destruction of medical records are expensive. Penalties are based on the level of negligence and range from $100 to $50,000 per violation (or per record). Violations also can carry criminal charges that may mean jail time.

Pivoting ITAD in the Time of COVID-19

As we mentioned, the current pandemic and the likely increase in remote workers pose unique problems for your company when it comes to ITAD compliance.

Do you have surplus equipment? There may be a number of reasons for this, including:

  • Do you have remote workers? Are you planning to keep them remote for the foreseeable future? This means you may not need office desktops or peripheral electronics.
  • Was your company forced to downsize during COVID-19? If so, you probably have surplus assets as well as unwiped hard drives.
  • Did you move your office to a new location? You might have discovered surplus equipment you didn’t realize you had. 
  • Did you recently merge with another company? If you decided to operate with matching systems, you likely have surplus electronics.

Rampant hacking attempts and data infiltration pose huge risks. Your company should be motivated to focus on the danger of your currently-in-use infrastructure and assets. Don’t allow EOL equipment and unused devices stack up.

You need proper disposal, repurposing and recycling. Data destruction can be performed in a variety of ways, and Aegis Solutions works to understand your specific needs to determine the best method to eradicate your data. Aegis offers both electronic and physical remediation services and works with each client individually to determine which process is best for their needs.

To that end, Aegis Solutions has partnered with WhiteCanyon Software. WhiteCanyon Software is used by prominent private companies and governmental organizations like the U.S. Department of Commerce. It also has EAL 2+ certification—the most comprehensive certification currently available. 

Aegis and WhiteCanyon stay current on all of the latest ITAD security protocols, software releases, requirements and tools, such as the latest encryption-breaking processor

Aegis Solutions Is Your Best Choice for ITAD Compliance

Aegis Solutions is a leading global provider of enterprise IT asset lifecycle management, secure data remediation and IT asset disposition (ITAD) services. With more than 20 years of industry experience and a collaborative customer-first philosophy, our trained experts can evaluate and assess the specific needs of your organization and execute a proactive, comprehensive IT asset retirement plan.

We provide best-in-class services for compliant, secure and environmentally responsible handling of EOL IT assets by adhering to all federal and state mandates.

We guarantee 100% Certified Data remediation and provide full transparency through all phases of the engagement with full inventory reporting, chain-of-custody documentation and certificates of destruction. 

You can’t find a better partner for ITAD compliance. Contact us today for a free estimate.

Resources:

https://www.theatlantic.com/health/archive/2020/05/work-from-home-pandemic/611098/
https://topclassactions.com/lawsuit-settlements/money/credit-cards/what-is-the-purpose-of-facta/#:~:text=If%20a%20consumer%20can%20show,the%20law%2C%20penalties%20could%20apply.&text=In%20some%20cases%2C%20the%20government,for%20each%20independent%20FACTA%20violation.
https://www.truevault.com/resources/compliance/how-much-do-hipaa-violations-cost#:~:text=HIPAA%20violations%20are%20expensive.,violations%20of%20an%20identical%20provision.
Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn