Get the Latest

  News

IT Asset Management Compliance Under the GDPR

Share

Often overlooked, companies still responsible for data when hardware disposed

End-of-life IT asset management is as critical a component in complying with the upcoming General Data Protection Regulation (GDPR) as your data security plan for in-use IT infrastructure.

Of course, the GDPR is the new standardized rules governing data protection in the EU and it’s coming into effect May 25, 2018. It covers all citizens of the EU and their data and any company that handles any portion of that data must comply.

Preparation for GDPR Compliance

The vast majority of companies, even now, say they aren’t adequately prepared to meet the EU’s new stringent rules.

As UK GDPR expert Tim Bell pointed out in this article on GDPR asset disposition, many companies overlook end-of-life asset management when creating their data management plan, and it could end up costing millions in fines under the GDPR.

The Cost of Compliance – and Non-Compliance

If your company works in the EU, or remotely handles data from EU citizens, you need to comply or face possible repercussions. And while the potential effect of non-compliance with GDPR looms, there’s always the omnipresent threat of a data breach when handling information – and data breaches can come with a steep cost as well.

Needless to say, the cost of not doing anything is far greater than the cost of non-compliance or a potential data breach. And the responsibility extends through the IT hardware’s end-of-life process.

A Guide to GDPR Compliance

Our team at TechReset has been preparing to handle the influx of companies pushing towards the May 25 GDPR compliance date – guiding them in the disposition of their IT end-of-life assets.

We help you develop a plan to properly dispose of your IT hardware – whether that’s through secure data erasure, hardware destruction or both.

Our IT asset disposition process

First, we audit the incoming IT equipment to determine the condition and the value of the assets. This is where we begin our chain of custody records, a valuable document outlining how your IT assets were managed while in our possession during this process.

Next, we assess whether or not a company can repurpose and remarket the hardware, which significantly reduces pressure on landfills and can defray the end-of-life asset management costs.

Right now, with our process, we’re able to recover 90 per cent of the IT hardware that comes through our doors, so it can be resold, repurposed or donated. That aligns with our zero-landfill initiative – a policy implemented as part of our ISO 14001 environmental certification. We have our eye on the environmental impact of hardware disposal – and it helps you save money.

To do this we use cutting edge software from Blancco, which provides forensic level data sanitation. Upon completion, you receive a Certificate of Data Cleanse.

Ensuring Proper Data Cleansing

Still, some IT hardware isn’t recoverable and needs to be destroyed. We shred the physical hard drives, effectively eliminating the IT asset and the data.

Compliance with GDPR is aided by having companies that are certified in the end-of-life IT asset management process. And we are. We have seven provincial and international certifications showing our commitment to being at the forefront of the data and hardware disposal process.

The GDPR could become the international standard for data protection among industrialized countries. With so much on the line, companies should be planning today for how they dispose of their IT assets.

Let TechReset help you plan the end-of-life for your IT assets. With GDPR on the horizon, it’s best to take action now rather than suffer the fate should your company not be in compliance.

Share