The EU General Data Protection Regulation. The Impact on IT Asset Disposal

Similar documents
Mission Statement & Company Overview

Pioneers in technology recycling and the intelligent choice of partner for the secure reprocessing of your redundant equipment

EU General Data Protection Regulation (GDPR) Achieving compliance

BT Cables. An Introduction. A subsidiary of

/ Backed by Lloyd s of London. Media Security Solutions. techr2.com

ACCREDITATION COMMISSION FOR CONFORMITY ASSESSMENT BODIES

WEEE disposal and the creation of social value. Jon Selby Tier 1 Asset Management Ltd

Solution Oil & Gas. tgood.com

Tackling WEEE how can we help?

ISO 9001 Certification. The internationally recognised standard for. systems and quality management

WEEE Regulations. David Lloyd Environment Officer

ACCREDITATION COMMISSION FOR CONFORMITY ASSESSMENT BODIES

Disk Encryption Buyers Guide

AN IPSWITCH WHITEPAPER. 7 Steps to Compliance with GDPR. How the General Data Protection Regulation Applies to External File Transfers

What is BS 7799? BS 7799 is the most influential, globally recognised standard for information security management.

Shred hard drives and other storage media safely and efficiently. HSM Powerline HDS 230 hard drive shredder

Irish Compliance Scheme

THE PROCESS FOR ESTABLISHING DATA CLASSIFICATION. Session #155

Archive Legislation: archiving in the United Kingdom. The key laws that affect your business

IT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE

If you have any questions regarding this survey, please contact Marcell Reid at or Thank you for your support!

"Batys Cert" Certification Center" LLP. Management Systems Compliance Verification Agency

environmental crime prosecution - the Netherlands -

Official Audio Visual Price List

What your business needs to know as a business end user discarding WEEE

NCC Group plc. NCC Group plc Interim Results

Symantec Enterprise Vault

Balancing energy and environmental demands

How to Choose a Secure Data Destruction Method

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

Disruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise

EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS

Balancing energy and environmental demands

How WhereScape Data Automation Ensures You Are GDPR Compliant

SCCE ECEI 2014 EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS. Monica Salgado JANINE REGAN CIPP/E

3.0 Traceability & Management Systems. Contents

Green IT (ICT) (Accredited by British Computer Society)

IT ASSET DISPOSAL STANDARD

IRON MOUNTAIN GOVERNMENT SERVICES

PS 176 Removable Media Policy

Memo on Stakeholder Consultation on Article 10(2) of Directive 2012/19/EU

Certified Data Erasure Cyber Security in Digital Single Europe 25 March 2014, Bucharest. Tabernus Data Erasure Flexible Secure 1

PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS

our values Specialised maintenance and project delivery services to the mining, heavy industry, manufacturing and utilities sectors.

Waste Electrical and Electronic Equipment (WEEE)

United Kingdom Accreditation Service

Protecting your data. EY s approach to data privacy and information security

User s Manual ACC-ECU3. USB 3.0 ExpressCard

GDPR Workflow White Paper

Hard drive shredder HSM Powerline HDS 150 and HDS 230

United Precious Metal Refining, Inc

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

STILA S.A BY THE AUTHORITY OF THE COUNCIL. IS A CERTIFIED MEMBER OF THE Responsible Jewellery Council. Executive Director

IaaS Buyer s Checklist.

PS Mailing Services Ltd Data Protection Policy May 2018

Access international opportunities

Backup and Recovery. Backup and Recovery from Redstor. Making downtime a thing of the past Making downtime a thing of the past

INFORMATION ASSET MANAGEMENT POLICY

Scheme Document. For more information or help with your application contact BRE Global on +44 (0) or

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

General Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant

As the UK leaders in the supply and installation of industrial ovens and finishing equipment we have the knowledge and expertise to keep your

COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2

Solution Mining. tgood.com

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

IMPLEMENTATION COURSE (MODULE 1) (ISO 9001:2008 AVAILABLE ON REQUEST)

You can count on us. ADDS Additional Service Schedule

S.T.A.R. Toner Cartridge Recycling Program

Mobile Working Policy

About MagTek. PIN Entry & Management

USB 3.0 TO SATA ADAPTER HARD DRIVE ADAPTER WITH OTB FUNCTION

What is happening to all our WEEE? Experiences from the EU

National Chain Company

About SpeedCast. John Thomson. Date. Communications IT Solutions Consulting. Copyright 2017 by Speedcast. All Rights Reserved.

Due Diligence March 2018 Page 1 of 6. Company

techbuyer.com WE BUY SELL AND REFURBISH YOUR FIRST CHOICE FOR NEW AND QUALITY REFURBISHED DATA CENTRE EQUIPMENT

La certificazione ISO27001

Azure Active Directory B2C. Daniel Dickinson Enterprise Mobility Specialist

J.K. Star BY THE AUTHORITY OF THE COUNCIL. IS A CERTIFIED MEMBER OF THE Responsible Jewellery Council. Executive Director

Role of International Standards and Conformity Assessment in the Fourth Industrial Revolution

With the successful completion of this course the participant will be able to:

Green IT: Green Services are Good for Business, Providing Energy Savings and Environmental Benefits

Fast-Track Waste Shipment Notifications

Solution Railway. tgood.com

REINVENTING ETHICAL, SUSTAINABLE SUPPLY CHAINS

New Spanish Regulation Tightens Up Data Protection Requirements RAFI AZIM-KHAN, JOHN NICHOLSON, ALESSANDRO LIOTTA, AND DOMINIC HODGKINSON

Expansion Port SWITCH USER MANUAL

Industrial control systems

Copyright 2016 EMC Corporation. All rights reserved.

Solution Utility. tgood.com

Dealing with e-waste: Key elements of the European WEEE Directive. Recife, 24 February 2011

efax Corporate for Independent Agent Offices

Domino s Pizza Enterprises Ltd. The Business Partner. Code of Practice

PECB Certified ISO Lead Auditor. Master the Audit of Occupational Health and Safety Management System (OHSMS) based on ISO 45001

Managed Services.

What is ISO ISMS? Business Beam

Securing Your Digital Transformation

Data Erasure Solutions

UL and Business Continuity

EGF - Eduard G. Fidel GmbH

Transcription:

The EU General Data Protection Regulation The Impact on IT Asset Disposal

Who are Greenworld David Aitken FCCA Managing Director Europe s leading ON-SITE data destruction and redundant IT equipment disposal company Over 25 years worldwide, military background, management expertise First UK company accredited to:- ISO 27001 : 2013 Information Security ISO 14001 - Environmental ISO 9001 Quality BS OHSAS 18001 Health & Safety

Our Service Greenworld specialise in Secure On-Site Data Destruction to Military Standards and ethical, environmental re-marketing or recycling of end of life IT equipment Europe's Class Leading Service Eliminates the substantial risks associated with Data Loss on redundant asset disposal Eliminates the Substantial Environmental Risks Associated with Redundant Asset Disposal Uses Ethical and Environmentally friendly disposal methodologies

Our Clients

The Risks What's Changed? New European Data Protection Regulations Fines - 20m Euros or 4% of Global Turnover Level Playing Field Public/Private European Enforcement Loss of client and public confidence Loss of customer confidence Share price drop FCA fines WEEE legislation Criminal prosecution and unlimited fines Extensive adverse Corporate Social Responsibility exposure

Recent Disasters DATA - BEFORE new European Regulations Nationwide fined 980K plus class action Surrey NHS fined 325K Sussex Police fined 200K WEEE before new European Regulations Original 2006 Revised 2014 - Prosecutions taking up to 5 years Recycler fined 112k and Directors face 18 months imprisonment NHS Killing Children in Ghana Terra Blight Toxic dumping killing children in Africa

Ongoing Disasters - Terra Blight Dumping WEEE on toxic dumps in Africa destroying the environment and killing children through pollution

Data Destruction

Data Destruction A Disaster Waiting To Happen

Data Destruction - The Issues New IT equipment is SEXY, Redundant Equipment is forgotten Majority of Disposal Companies generalists NOT Specialists Off Site Data Destruction Huge Uninsurable Risk Few specialists but expertise & focus is equipment resale and OFF-SITE data destruction No specially trained ON-SITE Data Destruction Teams, limited/no security vetting and use of agency staff Asset registers are rarely 100% accurate If you don t know 100% the assets that you have,how can you prove you have destroyed the data on them upon disposal? - Technically Data Loss Unapproved methods of data destruction Data is recoverable Technology & Equipment continually changing - Obsolete methods of data destruction Data is recoverable

Data Destruction The Essentials Specialist 100% ON-SITE data destruction ONLY All Data Destruction MUST be completed in front of the Client - Your Data can NEVER leaves your premises All ON-SITE data destruction teams must have have police SC clearance or similar Complete Integrity - Nigeria pay 10 each for consumers details Complete On-Site Asset Reconciliation/Signover with Hard Drive Check ALL Data Destruction MUST be completed ON-SITE to Military Standards All destruction equipment, software and methodologies MUST be continually updated for emerging and advancing technologies Data Destruction MUST be certified, auditable and insured to a minimum of 5m against Data Recovery Zero Tolerance to Data Loss Must be employed

Data Destruction - Asset Types Just Hard Drives? NO Certified ON-SITE Data Destruction to Military Standards on ALL Data Assets Including : Servers Systems PC & Mac Laptops & Tablets Hard Drives Traditional & Solid State Tapes Server Back up, Video Floppy Discs Mobile Phones, Smart Phones & PDA s USB Sticks Optical Media DVD s & CD s

WEEE Disposal

WEEE Disposal - The Issues WEEE world s largest growing waste stream contains extremely harmful chemicals that pollute the environment WEEE equipment dumped on toxic dumps in Africa and Asia Destroying the environment Killing children exposed to the toxins mining metals by hand WEEE legislation enforces the correct environmentally friendly disposal of WEEE but only applies to Europe Dumping WEEE Outside of the US and Europe is wide scale,very lucrative and simple - Acquiring a Waste Carriers Licence is easy Prosecution for a WEEE breach is made throughout the disposal chain including the client Easy to trace through client markings Client MUST prove correct due diligence within the disposal process and complete traceability of all assets to avoid prosecution

WEEE Disposal - The Essentials MUST be ISO 14001 and 9001 Accredited Close links with the Environment Agency MUST have complete On-Site Asset Reconciliation Assets MUST be tracked individually through all stages of their complete disposal lifecycle from On-Site signover to ultimate disposal ESSENTIAL - Complete debranding of all equipment removing all client markings All equipment MUST be fully tested & categorised Remarket or Recycle Ethical Equipment Remarketing HAS to be supported by comprehensive procedures, market & customer knowledge Equipment MUST be recycled to strict environmental standards with UK ZERO TOLERANCE TO ASSET LOSS - ESSENTIAL

WEEE Disposal Asset Types Just Printers? NO Certified WEEE compliant fully auditable disposal to strict environmental standards including: All Data Assets All Non Data Assets Including : Printers Monitors CRT & TFT Server racks Networking equipment Power cables Keyboards/mice etc.

Systems Monitoring & Auditing

Systems Monitoring & Auditing You cannot prove total disposal compliance if your Asset Register is not 100% accurate

Systems Monitoring & Auditing The Issues Every Asset disposal MUST be reconciled to Client s Asset Management System Every Asset s Data Status MUST be reconciled to the Clients Asset Management System Every Data Asset Disposal MUST have a military standard Data Destruction certificate Every Asset Disposal MUST have complete transparent traceability through the disposal lifecycle for WEEE compliance

Monitoring & Auditing The Essentials MUST have a Secure Asset Management system to protect Clients and manage Clients Assets through the complete disposal process Secure Client portal providing:- Data On Site Asset Sign overs and Data Destruction Certification Current and pending Data Protection regulations Recent Data Disasters Environmental Recycled equipment analysis & Proprietary CO2 Savings Reporting Current and pending Environmental regulations Recent Environmental Disasters Asset Reconciliation and Management - Virtual Stockroom Virtual Stockrooms with Asset Quarantine function for discrepancies Direct Reconciliation with Data Destruction and Asset disposal Certification Asset detail export for integration with Client Asset Management System

Corporate Social Responsibility

Corporate Social Responsibility - WEEE Disposal If your not sure where your Assets have gone how can you prove they are not destroying lives and the environment?

CSR - WEEE Disposal - Terra Blight Dumping WEEE on toxic dumps in Africa destroying the Environment and killing children through pollution

CSR - WEEE Disposal Remarketing & Recycling Remarketing Environmentally - the best option New Asset not being manufactured & no recycling energy usage Significant Carbon footprint reduction Tonnes of CO2 saved 90% equipment remarketed Ethically the best option Provides low cost quality IT equipment Commercially - the best option Significant revenue returned to client Secure Remarketing Only deal with trusted end-users - never brokers Recycling If cannot be remarketed recycle to strict environmental standards - ISO 9001/14001 0% landfill Fully recycle within the UK and fully auditable Exceeds all WEEE Legislation

Asset Disposal Commercials

Asset Disposal Commercials The COST of disposal is irrelevant if the RISK is not totally eradicated

Asset Disposal Commercials RISKS New European Data Protection Regulation Fines - 4% of Global Turnover or 20m Euros WEEE legislation Revised 2014 Criminal prosecution and unlimited fines COMMERCIALS If redundant equipment is - 5 years old the disposal should be Cost Neutral 3 or 4 years old the disposal should be Net Revenue

Thank you Q & A

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback