Many cases of used computers being purchased on internet and data being retrieved from them are often in the news. This can cause a lot of harm to individuals, companies and reputations. Heavy fines can also be imposed. So how can you be sure your data on your hard drive cannot be retrieved?
Firstly it would be good idea to point out your legal responsibilities. Under the Seventh Principal of the Data Protection Act 1998 it states that, all organisations must employ a 3rd party data destruction service to destroy all redundant and confidential information that can be in either paper or electronic format. It also needs to be certified that it has been done so. Therefore you should not attempt to destroy your own data yourself as this is breaking the law and fines can be up to £500,000.
It would also be good to point out that there are many myths on how you can destroy data. The hammer is one of those. Albeit hammering your hard drive to death would make it difficult for someone with no experience to retrieve the data, software can be easily purchased online and anyone with the knowledge could still get data from the drive. This also applies to drilling holes through the drive also.
There are only two ways to destroy data with certainty to the appropriate standard is:
- Using software that rewrites O and 1’s over the hard drive. This needs to be done at least 3 times, however the highest level is seven times. This takes considerable time and can be costly. The government approved software also supplies a certificate detailing the drive details and its successful wipe. This has to be done by a third party as previous mentioned and we would suggest this is the best way if the drive is to be reused.
- The ultimate way is to shred the drive with a mechanical shredder. The result are small pieces of shredded hard drive as per the picture. This also can be certified by the third party and also complies with government standards so that you keep within the law.
Should You Do It Onsite Or Not?
Some companies like banks for example insist on their data being destroyed onsite due to security. There is no law that states one way or the other. If using the offsite service you must use a licensed and registered recycler as this way, when your data is passed over to the recycler it is now their obligation to safe guard the items until destruction.
Onsite destruction is also more expensive than offsite destruction because of the extra man hours and equipment needed. Either way is down to the organisations own preference and the trust they have in the company that is providing the service.
Costs
It is very difficult to give an exact cost as it depends on the type of destruction you want and how many drives there are to destroy etc. To give you an idea of Recycling Your IT (RYIT) costs, we will use an actual customer example.
Company ABC had 750 hard drives to be destroyed. Their choice would ideally to be done onsite but like most companies cost could be an issue albeit keeping within the law was paramount.
Onsite destruction worked out at £8 per drive (£6,000 + VAT). This would have been a significant dent in the IT department’s budget. Our trained staff explained the differences between on and offsite destruction and it was decided that offsite option would be cheaper.
Off site is considerable less labor costs to us so that can be passed on however it all depends on volumes, ease or removal etc. In this case the hard drives had already been removed. So all we had to do was place them on a pallet and secure them. Take them to our recycling facility and shred them. The cost for this worked out at £0.50 per drive (£375) which is obviously a considerable saving and gave them the same level of security and certification.
Call us today on 01279 215000 to find out how we can help you dispose of your IT equipment in a socially responsible way. |