ITAMG's Data Destruction Solutions
Data security during equipment disposition is an increasingly scrutinized process. Retired hard drives and electronic media contain sensitive information and if improperly disposed of can lead to data breaches. Failure to properly sanitize hard drives can result in legal fees, fines, leaking of intellectual property, and a tarnished reputation.
ITAMG can help ensure your organization destroys data above or beyond the guidelines of NIST 800-88 and Department of Defense 5220.22-M.
How ITAMG Provides Industry Leading Data Eradication Services:
- Auditable data destruction reporting and confirmation of disk erasure
- Serial number capture and confirmation for sanitization and physical destruction of media
- ITAMG uses in house background checked labor to collect equipment unless otherwise agreed
- Onsite hard drive shredding and media destruction available
- Certification of destruction and chain of custody documentation provided
- Insured for errors and omissions to protect against a lapse in downstream data security
Failure to destroy data properly could result in:
- Identity theft
- Time in prison
- Federal and/or civil liability
- Exorbitant fines or lawsuits
- Irreparable damage to an organization’s reputation
- Loss in consumer confidence
- Decline in revenue and loss of clients
- Leaking of trade secrets and intellectual property
Ensure compliance with government and industry regulations including NIST 800-88 Guidelines for Media Sanitization and HIPAA
ITAMG’s Services Will Assist Your Organization Remain in Compliance With the Following:
- Internal security and quality management mandates
- External industry regulations
- National Institute of Standards & Technology (NIST) Special Publication Series 800-88
- National Industrial Security Program (NISP) Operating Manual (DOD 5220.22-M)
- Health Insurance Portability and Accountability Act (HIPAA)
- Sarbanes-Oxley Act of 2002
- Fair and Accurate Credit Transactions Act (FACTA)
- Gramm-Leach-Bliley Act
- Bank Secrecy Act
- Patriot Act of 2002
- Identity Theft and Assumption Deterrence Act
- US Safe Harbor Provisions
- FDA Security Regulations (21 C.F.R. part 11)
- PCI Data Security Standard
- Various local, state, and federal laws
Software Eradication and Sanitization:
Data is overwritten with a pre-determined pattern of meaningless binary code rendering your data unrecoverable. This process ensures that hard drives can be reused or resold for maximum recovery value.
Result: Compliant data security. Enables maximum recovery value.
Degaussing and Magnetic Destruction:
Hard drive is exposed to a very powerful magnetic charge that destroys the data along with the timing tracks and servomotors. This process renders the hard drive inoperable.
Result: Compliant data security. Reduces recovery value.
Electronic Media and Hard Drive Shredding:
Mechanically destroys hard drives and all types of electronic storage media and permanently eliminates the ability to recover data. The pulverized remains of the hard drive can be recycled but cannot be reused or resold.
The shredding machine was custom designed in accordance with the DoD 5220.22-M to physically destroy hard drives, DLT tapes, medical films, cell phones, PDA’s, CD’s, DVD’s, VHS tapes, and floppy disks at ITAMG’s Plainview Headquarters.
Result: Complete and uncompromised data security. Reduces recovery value.
On-Site Mobile Data Destruction Services:
The ITAMG Mobile Shredder Solution is fast and absolute. All media is destroyed at your business location and the process is witnessed by one or more of your employees.
ITAMG eliminates the risk of a corporate data breach by completely eliminating the chain of custody between an organization and the physical point-of-destruction.
Our mobile shredding unit was custom designed in accordance with the DoD 5220.22M to physically destroy hard drives, DLT Tapes, medical films, cell phones, PDAs, CDs, DVDs, VHS tapes, and floppy disks.
Result: Complete and uncompromised data security. Reduces recovery value.
Regulations and Compliance
- RED FLAGS RULE – Under the Red Flags rule all companies or services that regularly permit deferred payments for goods or services must develop a written program that identifies and detects the relevant warning signs – or “red flags” – of identity theft.
- FACTA – The Fair and Accurate Credit Transaction Act is a federal law designed to reduce the risk of consumer fraud and identity theft. It applies to every individual or business and violators run the risk of class action suits and penalties.
- HIPAA – The Health Insurance Portability and Accountability Act is a federal law designed to prevent the abuse of personal health information, including unauthorized access. It is administered by the US Department of Health Services and is enforced by the US Office of Civil Rights.
- Frequently Asked Questions about HIPAA – Provided by the U.S. Department of Health and Human Services – The Office for Civil Rights.
- Gramm-Leach-Bliley (GLB) Safeguards Rule is enforced by the Federal Trade Commission and requires financial institutions to have a security plan to protect the confidentiality and integrity of personal consumer information.