What is our Data Destruction Process?
Using industry-standard software, we completely wipe your data and issue you a certificate of data destruction with every donation.
Using a NIST 800-88 method, random data is written across the entirety of the drive, destroying any recoverable data. The drive is then re-scanned to verify that all data has been destroyed.
By default, we wipe all devices to the NIST 800-88 industry standard, which is compliant with HIPAA and DoD standards. Additional data destruction methods are available upon request and compliant with the following other international standards/laws: HIPAA, US Department of Defense 5220.22 M, US Army AR380-19, US Air Force 502, German VIST, Russian GOST p50739-9, Canadian OPS-II, HMG IS5 Baseline/Enhanced, Navso P-5329-26, NCSC-TG-025 & NSA 130-2.
If your company policy is to keep your hard drives, don’t worry! We can still put all your technology to good use even if it’s broken or missing components.
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Specifically, human-I-T helps banks, credit unions and other companies adhere to the Federal Trade Commission’s (FTC’s) Disposal Rule. Where applicable, the GLBA requires that customer information is disposed of in a secure way.
The Fair and Accurate Credit Transactions Act of 2003 (FACTA) added sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA.
FISMA requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards, National Institute of Standards and Technology standards, and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.
The Personal Information Protection and Electronic Documents Act (PIPEDA) sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. PIPEDA also applies to federal works, undertakings and businesses in respect to employee personal information. The law gives individuals the right to access and request correction of the personal information these organizations may have collected about them.
The Sarbanes-Oxley Act of 2002 (SOX) mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. It created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.