IT asset disposition vendors (ITADs) have a dirty secret they don’t want you to know.
Organizations rely on ITAD vendors for data destruction, remarketing, and end-of-life recycling. Of course, ITADs are also entrusted with chain-of-custody reporting to document what was disposed.
Sadly, some shield themselves from liability by not providing complete chain-of-custody information. One we all know summed it up this way; “What clients don’t know won’t hurt them. Or us.”
Naturally, ITADs want to avoid providing rope to hang themselves. With friends like that, who needs enemies?
ITAD vendors occupy a position of trust. It is unacceptable for any ITAD to hide losses or provide false assurances of chain-of-custody.
Obviously, not all ITADs hide losses. Those that hide losses give others a bad name. Regardless, organizations should not blindly trust vendors.
Organizations are legally required to safeguard from potential data security threats. Any ITAD worthy of your trust should have actively advised you of your obligations.
If your vendor has not discussed the importance of having HIPAA-related safeguards with respect to ITAD (physical, technical, and administrative safeguards / both preventative and detective safeguards), this is major red flag. Either your vendor does not have a complete understanding of your legal requirements, or they are scared of the consequences if you had a complete understanding.
Disposal tags are a simple and a highly-effective way to safeguard against unscrupulous vendors, as well as many other ITAD hazards. Disposal tags provide transparency and accountability, something any ITAD worthy of your trust should welcome.
Please contact us for more information or to order a set of tags.
