No. Liability for any data exposed through the resale of technology equipment rests squarely on the company that created the data. Transfer of ownership does not provide protection. IF you are relying on a buyer to destroy your data, caveat emptor! What recourse do you have it they fail to destroy your data? If you do not have an unbroken chain-of-custody, the buyer can claim they never got your equipment. Even worse, do you really think they will reimburse you for your damages? Many organizations have not recognized the catastrophic potential for this exposure and many have not reviewed their policies, or their partners’ policies to determine if they are adequately protected.
Is insurance enough?
No. Liability for data security risks is poorly addressed by most corporate insurance policies. Exposures for “consequential damages” are often left uncovered. Most insurers put exclusionary language in their policies for data security claims in Commercial General Liability (GL) policies. Typical insurance policies will not be triggered since data is usually considered “intangible property.” Errors & Omissions (E&O) policies do cover consequential losses, but there are no standard forms, and coverage varies significantly among insurers.
How big does my company have to be to qualify?
Retire-IT provides services to businesses and organizations of any size. There is no size constraint. We can handle a single server in San Francisco, or one thousand laptops in Laredo. We believe that IT disposal should be an on-going process rather than a periodic event.
What kind of equipment is eligible?
Retire-IT can dispose of any type IT equipment including desktop computer, notebooks, printers, monitors, handhelds, servers, etc. We also handle networking gear, imaging equipment, medical devices, copiers, and telephone systems. Our process is the same regardless of the type of equipment. We ensure that equipment is transported safely, tested, recycled, or resold in a professional manner.
What do I do about data on my hard drives?
Companies that fail to secure sensitive data face customer backlash and face fines. Retire-IT is committed to assisting clients with compliance with security and privacy regulations. Retire-IT ensures that all data and software are removed from all electronic media. Hard drive erasure procedures adhere to DoD and NIST standards. Inoperable hard drives are physically destroyed. On-site destruction and certified data destruction options are also available.
How do I ship my assets to Retire-IT?
You don’t. The standard Retire-IT service includes pick up at any of your locations. All you need to do is tell us what you have, where it is located, and when to be there. All we ask that you have the equipment de-installed and in a central location.
Can I ship my assets to Retire-IT?
Yes. However, Retire-IT specializes in the transportation and logistics of retired IT equipment. We have made it our business to make transportation easy and cost effective. Your assets arrive at our facilities secure and for less money than you might think.
What does it cost?
There is ALWAYS a cost (when performing proper IT disposal services). Beware of any recycler offering a “No Cost” solution. With no-cost solutions, the price you pay is hidden. Worse, your organization will be 100% exposed to any downstream liability. Our prices are clear and upfront. There is a nominal fee for processing the equipment. There is also a minimum charge for transportation ($150-$250) depending on the location. You’ll never face hidden disposal fees or unexplained surcharges. If your assets are remarketable, IT disposal can more than pay for itself.
What happens if our equipment has no marketable value?
Retire-IT provides an environmentally safe disposal option for assets without market value in accordance with EPA guidelines and the United States federal, state, and local laws. If your assets are not remarketable, there is no additional cost to you. The cost of recycling equipment is included in the price of our service.
How can I get started?
Is e-waste regulated?
Yes and No. The U.S. Environmental Protection Agency does not regulate IT disposal facilities per se. However, the EPA does require most organizations have in place a “manifest” system in order to prove proper handling and disposal of certain types of e-waste. There is also a patchwork of legislation at the state level (e.g. California, Massachusetts, and several other states already have CRT landfill bans in effect). It is important to regularly check to make sure your vendors are compliant with all Federal, state, and local regulations.
How does Retire-IT ensure quality?
Ensuring quality is our business. As our motto states: It’s Retire-IT, or it is your word on IT! Retire-IT works solely with certified partners who follow industry best practices. We qualify each partner’s processes and continuously monitor their performance. We employ rigorous statistical process control to provide an advanced warning of potential quality problems. We internally managed logistics, not throw it over the wall to a 3rd party to manage for us. Clients are always encouraged to visit facilities to inspect the process firsthand.
Where is Retire-IT located?
Retire-IT has over three dozen authorized facilities located across the United States, Canada, United Kingdom, Mexico, and Puerto Rico. We are headquartered in Columbus, Ohio at 1560 Fishinger Road, Suite 160, Columbus, OH 43221.
What do the HIPAA Privacy and Security Rules require of covered entities when they dispose of protected health information?
The HIPAA Privacy Rule requires that covered entities apply appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information (PHI), in any form. Click here to download HHS’s Frequently Asked Questions About the Disposal of Protected Health Information.