Every corporate information security plan needs a final disposition solution for expired hard drives and backup tapes. But understanding media destruction best practices isn’t always easy. In this blog, we answer several common media destruction questions.
Q: Am I required by law to destroy my electronic media?
A: Yes. The following federal regulations set strictguidelines for how media with confidential information must be destroyed:
- The Health Insurance Portability and Accountability Act (HIPAA)
- The Fair and Accurate Credit Transaction Act (FACTA)
- The Gramm-Leach-Bliley Act (GLBA)
Failure to destroy your media as these regulations require may result in severe financial penalties and damage your business’ reputation.
Q: So, what media should I destroy?
A: Destroy any media storing sensitive personal, financial, or medical information. These may include the following portable storage devices:
- CDs, DVDs, and Blu-rays
- Credit cards, ID cards, and other magnetic or chip cards
- Flash drives
- Hard drives
- Magnetic backup tapes
- Memory cards
- VHS tapes
- Zip disks
Q: What does a media destruction service cost?
A: The volume of devices destroyed, frequency of service, and how quickly you need your media destroyed determines the cost of your media destruction service. A reputable provider will offer a free quote before starting your project.
Q: Can’t I erase and sell my old hard drives and backup tapes?
A: You can, but this will leave your information vulnerable to a data breach. A recent study by the National Association of Information Destruction (NAID) found that 40 percent of used electronic devices sold on the secondhand market contained personally identifiable information (PII). Deleted or wiped files can still be recovered, so always have your expired devices professionally destroyed.
Q: What happens to the eWaste from my shredded media?
A: Your media destruction provider should partner with a trusted, local electronics recycling company that disposes of your eWaste in an environmentally-sustainable way which follows US EPA, Department of Natural Resources, e-Steward Initiative, and local solid waste department standards.
Q: Why should I work with a NAID AAA Certified media destruction company?
A: Partnering with a NAID AAA Certified provider ensures you receive a secure and ethical data destruction solution. The NAID AAA Certification Program requires that providers meet their high standards in the following areas:
- Operational security
- Employee hiring and screening
- Responsible information disposal
- Liability insurance
When a NAID member has completed a successful audit, they receive a certificate showing their company name and the destruction service they’re certified to offer customers.
If you have more media destruction questions, please contact us by phone or complete the form on this page. We love answering your questions!
Land Shark Shredding offers NAID AAA Certified shredding and destruction services in Bowling Green and throughout southwest Kentucky. For more information, please contact us by phone or complete the form on this page.