1. Ask an ITAD
  2. Regulatory Compliance

What methods of data destruction are required by regulations such as GLBA, HIPAA, SOX, or HITECH?

There are currently no data regulations that mandate or prescribe specific methods, shred sizes, or tools to perform data destruction.

Data protection regulations are built on the principle of requiring covered entities to take "reasonable" actions to protect unauthorized access to protected information. Although there are no specific prescriptions for how internal or external vendors must handle and destroy disposed of data there are several key components to all compliant programs including but not limited to written policies, procedures, employee training, assigning accountability, documenting due diligence of vendor selections, and executing formal contracts with service providers.

Can't find what you're looking for?Ask us here and we will be in touch within one business day.