How Can We Help?
-
Regulatory Compliance
- Can my company be held legally responsible for the failure of my vendor to meet regulatory guidelines?
- Why should we be concerned about compliance if our business is not in finance, healthcare, or otherwise not subject to existing data protection regulations?
- How can we transfer data protection regulatory liabilities to a vendor?
- What methods of data destruction are required by regulations such as GLBA, HIPAA, SOX, or HITECH?
-
Client FAQ
-
- Do you donate computers or can we donate equipment to you?
- What equipment or electronics waste (e-waste) do you accept?
- Do you provide lease return management services?
- What computers and IT equipment do you buy?
- Do you offer company and employee buyback services?
- Can we visit your site for inspection?
- Do I have to package the equipment?
- How much notice is needed to schedule a pickup?
-
Insurance
-
ITAD & Recycling Industry
-
Service Questions
< All Topics
Print
What methods of data destruction are required by regulations such as GLBA, HIPAA, SOX, or HITECH?
There are currently no data regulations that mandate or prescribe specific methods, shred sizes, or tools to perform data destruction.
Data protection regulations are built on the principle of requiring covered entities to take “reasonable” actions to protect unauthorized access to protected information. Although there are no specific prescriptions for how internal or external vendors must handle and destroy disposed of data there are several key components to all compliant programs including but not limited to written policies, procedures, employee training, assigning accountability, documenting due diligence of vendor selections, and executing formal contracts with service providers.
Can’t find what you’re looking for?Ask us here and we will be in touch within one business day.