Certified, Corporate-Grade Data Destruction

Safely Dispose of Your Technology and Wipe All Sensitive Data - for free

Keep Your Customers’ Private Information Secure. Protect Your Business.

Data breaches cost companies an average of $4 million per instance and 80% of customers refuse to shop with companies who compromise their data. To maintain your organization’s reputation as a trustworthy brand, you must ensure that your customers’ sensitive information is secure.

That’s why we sanitize every donated storage device at our NAID-certified facilities using DoD and HIPAA-compliant NIST 800-88 software. In the event not all data can be destroyed, we responsibly dispose of the physical assets through an R2 certified organization. 

Additional data destruction methods are available upon request and are compliant with the following international standards/laws: HIPAA; US Department of Defense 5220.22 M; US Army AR380-19; US Air Force 502; German VIST; Russian GOST p50739-9; Canadian OPS-II; HMG IS5 Baseline/Enhanced; Navso P-5329-26; NCSC-TG-025; and NSA 130-2.

Technology Partners

How We Keep Your Data Secure

1
Secure Transportation & Storage

All data storage devices will be received by authorized Human-I-T personnel at a NAID-certified, secure facility where they will be physically secured and closely supervised until processed. 

For organizations who do not want their devices transported, authorized Human-I-T personnel are also available for on-site data destruction and physical asset disposition in Los Angeles and the surrounding areas.

2
Comprehensive Data Sanitization

Using a NIST 800-88 method, random data is written through the entirety of the storage device in order to destroy all recoverable data on the device. The storage device is then re-scanned to verify that 100% of all sensitive information has been destroyed.

3
Physical Crushing of Remaining Assets

If we cannot erase all sensitive data using our software, the storage device will be physically crushed and recycled in an environmentally sound manner, via an R2-certified organization.

We are NAID certified!

Thanks to our team’s commitment to the values of creative collaboration, continuous improvement, and excellence in execution, both of our facilities in Los Angeles and Detroit are now NAID certified!

This certification ensures that our data destruction professionals collect, handle, transport, and and destroy your information while adhering to a strict chain of custody procedure, and that your data will be destroyed according to state and federal regulations that apply to your business.

More specifically, this certification recognizes that our facilities passed rigorous, unannounced audits by the National Association of Information Destruction to ensure every element of our data security and destruction practices – from our operational security to our hiring practices – are in compliance with the highest standards in the data destruction industry.

To read more about the NAID certification process, click here.

The Chain of Custody

Human-I-T Secure Pickups

Your donation will be loaded onto a GPS-tracked truck equipped with four cameras: one road-facing camera, one inside the cabin, one inside the truck box, and one rear-facing camera. The rear-facing camera enables you to watch your items as they’re loaded onto the truck, while the truck box allows a continuous view of the items during transit. Each of the cameras deliver live feeds while the truck is on, and up to two months of footage from the truck can be accessed at all times.

Shipped Donations

Whether your donation is shipped to us via parcel or freight, we can provide real-time parcel tracking upon request – that way you don’t have to wonder where your donation is.

Prepaid Laptop Boxes 

If your donations exclusively contain laptops, Human-I-T can provide you with locked, padded laptop boxes to make it easy for you to safely and securely ship us your items. 

Warehouse Security 

All items are physically locked away in a NAID-certified warehouse that is kept secure by advanced ADT security systems and cameras. All volunteers and personnel are required to pass a rigorous background check in order to access the facility. 

Documented Results

Certificate of Data Destruction

An itemized Certificate of Data Destruction is provided within every donation receipt to certify that all items which have been appropriately accounted for have been destroyed.

(Click here for an example certificate)

Data Destruction Reports

Each drive that we wipe with software comes with individual PDF reports to confirm details like the type of drive, the item’s serial number, the method used to wipe the data, and a wiping verification confirmation. Additionally, we’ll provide a serialized inventory of all donated storage devices that had their data sanitized to show you things like the items’ serial numbers, their Human-I-T donation IDs, and the date they were each received.

(Click for an example destruction report)

Physical Crushing Report

If you want your storage devices physically crushed, we’ll provide this report that includes a spreadsheet showing the destroyed items’ serial numbers, the method we used to destroy them, their Human-I-T donation IDs, and the date they were each received.

(Click here for an example physical crushing report)

Our data destruction process is compliant with the following laws:

HIPAA

Data Security for Health Plans, Health Care Clearinghouses, and Health Care Providers

HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).

GLBA

Data Security for Banks and Financial Institutions

The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Specifically, human-I-T helps assist Banks, Credit Unions and other companies adhere to the Federal Trade Commission’s (FTC’s) Disposal Rule. Where applicable, the GLBA requires that customer information is disposed of in a secure way.

FACTA

Data Security for Credit Institutions and Reporting Agencies

The Fair and Accurate Credit Transaction Act of 2003 (FACTA) added sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA.

FISMA

Data Security for Federal Executive Branch Civilian Agencies

FISMA requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards, National Institute of Standards and Technology standards, and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.

PIPEDA

Data SEcurity for Private SEctor Organizations and Commercial Activity

The Personal Information Protection and Electronic Documents Act (PIPEDA) sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. PIPEDA also applies to federal works, undertakings and businesses in respect to employee personal information. The law gives individuals the right to access and request correction of the personal information these organizations may have collected about them.

SOX

Data Security for Public Companies and Financial Reporting

The Sarbanes-Oxley Act of 2002 (SOX) mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. It created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.