The Fortune 500 list is made up of some of the most successful corporations in the country. According to Fortune magazine, the companies on the most recent list have over $12 trillion in revenue and account for two-thirds of the U.S. GDP. These 500 companies also generate $890 billion in profits and hold $19 trillion in market value. Companies of this size and value have unique needs–especially when it comes to IT asset disposition (ITAD).
Every Fortune 500 company should have an ITAD plan in place that outlines what will happen to IT assets when they are no longer needed or functional. These devices contain a lot of sensitive data that needs to be protected at all costs, so they must be properly disposed of to avoid a data breach. Here are a few things to keep in mind when developing an ITAD plan:
Understand the Laws Governing ITAD
Some industries heavily regulate how businesses dispose of their IT assets. For example, all businesses within the healthcare industry must comply with the Health Insurance Portability and Accountability Act (HIPAA). This law was established to hold healthcare companies accountable for protecting their consumers’ medical data. Part of HIPAA outlines the procedures that healthcare companies must follow when disposing of their IT assets. For instance, the law states that healthcare companies must keep a record of the movement of data-containing devices. HIPAA also requires these companies to have written policies addressing how IT assets should be disposed of.
Healthcare companies aren’t the only ones that must comply with ITAD regulations. Any business that stores credit card information or accepts credit or debit cards as a form of payment must comply with certain regulations as well. Since the vast majority of businesses accept this form of payment, this means most businesses must comply with at least one federal ITAD regulation.
Before developing an ITAD plan, it’s important for decision makers to review the laws that apply to their business. Determine which ITAD regulations you will need to comply with and use this as a starting point to create your plan.
Watch Over Assets At All Times
The e-waste recycler that you choose to handle the disposal of IT assets will most likely transfer the devices to their facility prior to destroying the data. But in this case, out of sight should not mean out of mind. Even though the assets are no longer on company property, they should still be monitored closely as if they were. Before the recycler arrives at your facility, make sure you have a detailed inventory of the assets that are being removed for disposal. Work with an e-waste recycler that allows you to track the assets from the moment they are removed from your facility until the data destruction and recycling process is complete. The IT asset management team should not stop monitoring the status of these assets until the e-waste recycler has provided a certificate of destruction.
Choose the Right E-Waste Recycler
Fortune 500 companies can be severely affected by a data breach because they have a lot more to lose than other businesses. Fortunately, choosing the right e-waste recycler will greatly minimize the risk of sensitive data being breached during the disposal process.
Look for an e-waste recycler that has been awarded the e-Stewards and National Association for Information Destruction (NAID) AAA certifications. These are considered two of the most prestigious certifications in the e-waste recycling industry, so recyclers with these certifications can be trusted with your data.
It’s best to also find an e-waste recycler that has experience working with Fortune 500 clients. E-waste recyclers with experience working with businesses of this size and value understand these clients’ unique needs.
Don’t Be Afraid to Dispose of ITAD Assets
Many decision makers are well aware of the impact that a data breach can have on a company. As a result, they often fear handing their IT assets over to a third party when it’s time to dispose of them. Instead of getting rid of assets that are no longer needed, these fearful decision makers may decide to keep them on-site even though no one is using them. But, it’s important to understand that keeping IT assets on-site when they are not needed is far riskier than disposing of them via an e-waste recycler. The devices that remain on-site must be constantly monitored to ensure they are not stolen. However, it can be difficult to keep track of assets that are locked away in a storage closet.
The assets could also easily be accessed by anyone within the building. Since it is too difficult to destroy data without the help of professionals, the data stored on these devices could fall into the wrong hands. In general, the longer unneeded IT assets remain on-site, the riskier having them there becomes.
Get Everyone on the Same Page
An ITAD plan is not effective unless everyone is on board with it. Before the plan becomes official, make sure that everyone who is involved with the management of IT assets understands the process. Ask for their input on the plan to see if they spot any areas that need to be improved upon. Once everyone has signed off on it, make the plan official. Collaborating with everyone will ensure that all of the parties involved know the role they play so the process runs as smoothly as possible.
Founded in 2002, ERI is now the leading recycler of e-waste in the U.S., with eight facilities located throughout the country. For over a decade, multiple Fortune 500 companies have trusted ERI to recycle their electronic devices and destroy their sensitive data. For more information on our services, or to request a quote for your company, contact us today.