To this day many businesses remain alarmingly casual about old IT equipment disposal despite ‘several’ high profile cases in the media of data leaks and WEEE waste breaches. These breaches were from various businesses, companies, and organisations worldwide, yet we still find many IT Managers, business owners and more taking chances on 'any old' IT Disposal companies or just abandoning their used assets entirely without even making a simple delete.
If IT assets are not professionally handled your Data & WEEE risk breaches can have a catastrophic consequence on your organisation reputation wise and financially. In the year of the cloud many people (even those that work in IT) think that online data storage is infallible; but as we've seen time and time again this simply is just not the case.
Without following the appropriate steps, you just never know where your intellectual property may end so the solution is to research and choose a certified 'IT Asset Disposal Company' that can protect your Data & Electronic equipment from the consequences of a breach with ‘full liability’ and an open and honest presentation of certification and processes.
1) Service Creation and Booking
After you have researched your chosen ITAD by checking credentials and information create a ‘bespoke compliant service’ for your company. This may include:
After you have agreed upon your initial ‘service requirements’ your future bookings will be extremely quick and simple. Contact ‘Absolute ITAD’ through your personal account manager via email, telephone, or on our website. Arrange a convenient date then complete the booking form with quantities of equipment to be collected. (This can be completed by your account manager)
2) Collection & Chain of Custody
Once a disposal date is booked the ‘Chain of Custody’ paperwork is issued and signed. All COC paperwork must include the same reference number to be compliant and consistent for the chain of custody. (This also completes WEEE waste compliance duties) The assets are then collected from the customer site; these assets will be collected onsite via an ‘Unmarked GPS tracked vehicle’ and ‘Enhanced DBS’ checked drivers. Each piece of technology is logged via serial number and asset number to ensure that all received assets remain traceable after destruction or refurbishment.
Chain of custody paperwork must in include the following for compliance –
3) Sorting & Data
Assets are then divided into two categories - data-bearing equipment and non-data bearing equipment. Data-bearing devices such as hard drives, smartphones, and memory sticks are sent to be wiped using NCSC (previously CESG) NIST approved software or Physical Shredding from 4mm to 12mm. Any data bearing equipment that cannot be wiped must be physically destroyed. Certification must always be produced.
The equipment then needs to be assessed by expert electronic engineers to see if it is still usable, repairable, or could be resold for a profit. Younger equipment that is still working could still have value. Any items marked as marketable will be sold on to third parties after secure wiping, (rebates may be produced and passed back to the customer for those with high resale value)
The next tier of equipment to consider is bespoke, older, or damaged recent technology that could still be useful to a third party if repaired. These items are sorted out and sent to a workshop for further analysis and, if possible, refurbishment. Occasionally, only one part on the board is the cause of an electronic device failing. If the resale value of the device securely exceeds the cost of repairs and replacement parts, the item is refurbished, otherwise the item is sent for recycling; this known as Beyond Economical Repair (BER)
Data security is treated as paramount with any IT asset refurbished for resale or donation.
If data bearing equipment is completely outmoded, outdated, or damaged Beyond Economical Repair (BER), the final step for the recycling facility is to physically destroy data and repurpose through recycling. Old hard drives still inside the device are removed and physically shredded from 4mm to 12mm dependent on the size and other parts are separated and divided ready for recycling. All remaining equipment is broken down for recycling into fundamental components and or separated into categories to be sold in bulk for scrap recycling. Some items such as ‘Batteries and Star boards’ are extremely costly to recycle.
Get Certified - The final documentation is issued to the customer, this includes Data Destruction Certification, Asset Lists and any other bespoke reporting which can include residual value reporting, this reporting will be completed and sent 7 to 28 days post collection (as per the personal agreement with the account manager) All certification and reporting will be kept on file for 10 years.
Final reports include –
These should be sent through with a copy of the Full Chain of Custody (COC) 7 to 28 days post collection.
Chain of custody paperwork must in include the following for compliance:
Find out more.
Absolute ITAD are experts in recycling, refurbishing, and reusing old and unwanted electronics. We're fully certified to handle your bulk IT disposals.