David Brent on Electronic Equipment Disposal Risk [Podcast]




Compliance Perspectives show

Summary: <a href="http://complianceandethics.org/wp-content/uploads/2018/08/podcast-graphic-1024x1024.png"></a><br> <a href="http://complianceandethics.org/wp-content/uploads/2015/02/turteltaub-adam-200x200-150x1501.jpg"></a><br> By Adam Turteltaub<br> adam.turteltaub@corporatecompliance.org<br> Congratulations:  they’ve given you a new laptop or phone.  Condolences:  you better know what they plan on doing with your old device.<br> It’s not enough to simply put them in the trash or send them off to any ewaste recycler, explains <a href="mailto:david.brent@eridirect.com">David Brent</a> of <a href="http://www.eridirect.com">ERI</a>, an electronic waste recycler.  There are a variety of laws that affect how technology is disposed of from both a privacy and ewaste perspective.  GLBA, HIPAA Hitech, GDPR, FACTA and the FTC Final Disposal Rule provide a reasonableness standard for disposal of protected information.  In addition, 32 states have data disposal laws of their own.  These laws typically require destruction or erasure so that the data cannot be practically read or reconstructed.  And don’t forget that phones and laptops aren’t the only devices to worry about.  Printers, copiers, and even projectors may hold data on them as well.<br> Adding to the risk:  Electronic waste contains toxic metals.  Eighteen states plus the District of Columbia have landfill bans on electronic equipment.<br> For these reasons companies often turn to electronic recycling firms.  They can help manage the environmental and data risks.  However, due diligence is critical, Brent explains.  Having the right certifications can be a good sign, when assessing a vendor, but it’s important to do your own due diligence to ensure that they are doing what they are supposed to and that your devices and data don’t end up in the wrong place or hands.<br> Listen in to the podcast to learn more.<br>