Home > Resource Center > Blog > Electronic Data Destruction 101: Chain of Custody
Electronic Data Destruction 101: Chain of Custody

Electronic Data Destruction 101: Chain of Custody

Posted in Blog

If it’s time to replace your IT equipment, then it’s time to double check that your data security policy contains a secure chain of custody and an electronic data destruction process. This will ensure that your computer hardware with sensitive data makes it safely from your facility through data destruction to a certified asset disposition company that has been properly vetted. To significantly reduce the risk of legal, financial and PR disasters, be sure that a certified and bonded service provider properly handles the onsite data destruction or secure transport of the assets to help prevent a data security breach.

What is a Chain of Custody?

Chain of custody is a fully auditable paper trail providing end to end visibility documentation of what was done, when, and by whom in the process of electronic data destruction. This should include:

  • An assigned project manager
  • Identification and scanning all serial numbers for tracking purposes
  • Optional: Scanned and matching computer and hard drive serial numbers
  • A recording of the time of disposition, and the method of disposition
  • Identification of the individual executing the procedure
  • A video recording of the process
  • A signed Certificate of Destruction proving compliance with relevant privacy legislation.

Why do you need a Chain of Custody?

Maintaining an auditable record of chain of custody is necessary for regulatory compliance and data management.  It will help to protect your business against any potential regulatory fines that could be incurred for a data breach that may result from IT assets being improperly disposed of.  And a secure chain of custody includes a Certificate of Destruction, a nationally-recognized record to keep on file helping you document compliance with state and federal privacy laws such as HIPAAPCIFACTA, Gramm-Leach-Bliley, and Sarbanes-Oxley.

NAID AAA Certification and Chain of Custody

Using a NAID AAA certified data destruction vendor ensures the highest standard of information destruction. NAID-certified companies undergo announced and surprise audits that include careful scrutiny of the chain of custody audit trail and procedures. Selecting onsite electronic data destruction services further reduces the opportunity for chain of custody gaps resulting from packing and shipping. Additionally, with onsite data destruction, you’ll be able to have your own staff witness the process to further strengthen your chain of custody process and verification.

Chain of custody is a legal obligation for anyone disposing of sensitive data. To ensure compliance and verification of compliance is a part of your ITAD (IT Asset Disposition) program, ask your VAR or contact Guardian Data Destruction for advice. No one needs the embarrassment, financial and legal consequences of an end of life data breach that could have been easily avoided.

Ready to get started?

Get a quote > Discuss your challenge >

15 essential factors for IT asset management and data destruction

If your goal is to ensure that data doesn’t show up where it shouldn’t, these 15 essential factors for IT asset management and data destruction will help you develop a defensible data destruction policy and secure IT asset management process.

Keep Reading >

Overflow warehousing for IT asset disposition, security and transitions

Secure, overflow warehousing designed for IT asset storage and processing is the solution for ITAD, VAR and reseller when space, receiving and client services are a problem

Keep Reading >

8 Post-pandemic Predictions for the Planning of Data Security and IT Asset Management and Disposition

We’ve pinpointed eight post-pandemic workplace trends that will affect the planning of data security and IT asset management and disposition from budgeting, purchasing through end of life disposition. Here’s what you need to know.

Keep Reading >

Stay in the know

Get relevant information right in your inbox

We do not sell or share your information with anyone

Previous Next
Test Caption
Test Description goes like this