Many organizations expose themselves to commercial risk by discarding their computer hard drives and neglecting the critical information that they may contain. As part of our recycling services, Pathmark offers data destruction services to our clients to ensure secure destruction of their proprietary and confidential information contained on such devices.
Pathmark’s commitment is to ensure a thorough and secure destruction of our clients’ proprietary and confidential information. This is demonstrated in our use of Department of Defense software meeting DoD 5220.22-M multipass standards. In the case of “bad sector” encounters in the data and overwriting is not feasible, physical destruction of the device is implemented to ensure the destruction of sensitive data.
As part of our services, Pathmark issues Certificates of Data Destruction to our clients for their record keeping and auditing purposes.
Why does your business need Data Destruction Services?
Organizations can face significant economic and legal issues if data resident on computer equipment is not properly sanitized during the recycling process.
Client lists, intellectual property, proprietary processes, accounting information, medical records all represent confidential data that organizations have a legal obligation to protect. Pathmark assists organizations comply with Federal privacy and liability legislation such as:
SOX set new or enhanced standards for all US public company boards, management, and public accounting firms. This legislation was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. Amongst many requirements, SOX requires public companies to restrict access to production databases.
HIPAA governs the control measures for the safeguarding of hardware containing protected health information (PHI) to protect against inappropriate electronic and physical access. When a piece of electronic equipment is retired it must be disposed of properly to ensure that PHI is not compromised. HIPAA sets civil monetary penalties for violating HIPAA rules and establishes procedures for investigations and hearings for HIPAA violations.
HITECH addresses the electronic transmission and disposition of health information such as personal health records (PHR) and protected health information (PHI) by vendors and related entities. It also extends the HIPAA requirements and updates civil and criminal penalties to business associates.
Major components of GLBA include the mandatory requirements by financial institutions, insurers included, to put into place measures to govern the collection, disclosure, and protection of consumers’ non-public personal information, or personal identity information. This provides a necessary policy in place to protect the information from foreseeable threats in security and data integrity.
The Fair and Accurate Credit Transactions Act of 2003 (FACT Act or FACTA, Pub.L. 108-159) is a United States federal law, passed by the United States Congress on November 22, 2003, and signed by President George W. Bush on December 4, 2003, as an amendment to the Fair Credit Reporting Act. The act allows consumers to request and obtain a free credit report once every twelve months from each of the three nationwide consumer credit reporting companies (Equifax, Experian and TransUnion). In cooperation with the Federal Trade Commission, the three major credit reporting agencies set up the website, annualcreditreport.com, to provide free access to annual credit reports. The act also contains provisions to help reduce identity theft, such as the ability for individuals to place alerts on their credit histories if identity theft is suspected, or if deploying overseas in the military, thereby making fraudulent applications for credit more difficult. Further, it requires secure disposal of consumer information.
Superfund is the common name for the Comprehensive Environmental Response, Compensation, and Liability Act of 1980 (CERCLA), a United States federal law designed to clean up sites contaminated with hazardous substances. Superfund created the Agency for Toxic Substances and Disease Registry (ATSDR), and it provides broad federal authority to clean up releases or threatened releases of hazardous substances that may endanger public health or the environment. The law authorized the Environmental Protection Agency (EPA) to identify parties responsible for contamination of sites and compel the parties to clean up the sites. Where responsible parties cannot be found, the Agency is authorized to clean up sites itself, using a special trust fund.