Safely Dispose of Your Technology and Wipe All Sensitive Data - for free
Keep Your Customers’ Private Information Secure. Protect Your Business.
Data breaches cost companies an average of $4 million per instance and 80% of customers refuse to shop with companies who compromise their data. To maintain your organization’s reputation as a trustworthy brand, you must ensure that your customers’ sensitive information is secure.
That’s why we sanitize every donated storage device at our NAID-certified facilities using DoD and HIPAA-compliant NIST 800-88 software. In the event not all data can be destroyed, we responsibly dispose of the physical assets through an R2 certified organization.
Additional data destruction methods are available upon request and are compliant with the following international standards/laws: HIPAA; US Department of Defense 5220.22 M; US Army AR380-19; US Air Force 502; German VIST; Russian GOST p50739-9; Canadian OPS-II; HMG IS5 Baseline/Enhanced; Navso P-5329-26; NCSC-TG-025; and NSA 130-2.
All data storage devices will be received by authorized Human-I-T personnel at a NAID-certified, secure facility where they will be physically secured and closely supervised until processed.
For organizations who do not want their devices transported, authorized Human-I-T personnel are also available for on-site data destruction and physical asset disposition in Los Angeles and the surrounding areas.
Comprehensive Data Sanitization
Using a NIST 800-88 method, random data is written through the entirety of the storage device in order to destroy all recoverable data on the device. The storage device is then re-scanned to verify that 100% of all sensitive information has been destroyed.
Physical Crushing of Remaining Assets
If we cannot erase all sensitive data using our software, the storage device will be physically crushed and recycled in an environmentally sound manner, via an R2-certified organization.
We are NAID certified!
Thanks to our team’s commitment to the values of creative collaboration, continuous improvement, and excellence in execution, both of our facilities in Los Angeles and Detroit are now NAID certified!
This certification ensures that our data destruction professionals collect, handle, transport, and and destroy your information while adhering to a strict chain of custody procedure, and that your data will be destroyed according to state and federal regulations that apply to your business.
More specifically, this certification recognizes that our facilities passed rigorous, unannounced audits by the National Association of Information Destruction to ensure every element of our data security and destruction practices – from our operational security to our hiring practices – are in compliance with the highest standards in the data destruction industry.
To read more about the NAID certification process, click here.
The Chain of Custody
Human-I-T Secure Pickups
Your donation will be loaded onto a GPS-tracked truck equipped with four cameras: one road-facing camera, one inside the cabin, one inside the truck box, and one rear-facing camera. The rear-facing camera enables you to watch your items as they’re loaded onto the truck, while the truck box allows a continuous view of the items during transit. Each of the cameras deliver live feeds while the truck is on, and up to two months of footage from the truck can be accessed at all times.
Whether your donation is shipped to us via parcel or freight, we can provide real-time parcel tracking upon request – that way you don’t have to wonder where your donation is.
Prepaid Laptop Boxes
If your donations exclusively contain laptops, Human-I-T can provide you with locked, padded laptop boxes to make it easy for you to safely and securely ship us your items.
All items are physically locked away in a NAID-certified warehouse that is kept secure by advanced ADT security systems and cameras. All volunteers and personnel are required to pass a rigorous background check in order to access the facility.
Each drive that we wipe with software comes with individual PDF reports to confirm details like the type of drive, the item’s serial number, the method used to wipe the data, and a wiping verification confirmation. Additionally, we’ll provide a serialized inventory of all donated storage devices that had their data sanitized to show you things like the items’ serial numbers, their Human-I-T donation IDs, and the date they were each received.
If you want your storage devices physically crushed, we’ll provide this report that includes a spreadsheet showing the destroyed items’ serial numbers, the method we used to destroy them, their Human-I-T donation IDs, and the date they were each received.
Data Security for Health Plans, Health Care Clearinghouses, and Health Care Providers
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).
Data Security for Banks and Financial Institutions
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Specifically, human-I-T helps assist Banks, Credit Unions and other companies adhere to the Federal Trade Commission’s (FTC’s) Disposal Rule. Where applicable, the GLBA requires that customer information is disposed of in a secure way.
Data Security for Credit Institutions and Reporting Agencies
The Fair and Accurate Credit Transaction Act of 2003 (FACTA) added sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA.
Data Security for Federal Executive Branch Civilian Agencies
FISMA requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards, National Institute of Standards and Technology standards, and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.
Data SEcurity for Private SEctor Organizations and Commercial Activity
The Personal Information Protection and Electronic Documents Act (PIPEDA) sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. PIPEDA also applies to federal works, undertakings and businesses in respect to employee personal information. The law gives individuals the right to access and request correction of the personal information these organizations may have collected about them.
Data Security for Public Companies and Financial Reporting
The Sarbanes-Oxley Act of 2002 (SOX) mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. It created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.
Get Plugged In
Sign up for our monthly newsletter, The Monthly Plug. Whether it’s updates about specific impacts we’ve made or just news that made our eyes go wide, the Monthly Plug is your one-stop-shop to hear the voice of Human-I-T.