Home > Resource Center > Blog > Data privacy – how does it affect IT asset disposition and destruction?
Data privacy – how does it affect IT asset disposition and destruction?

Data privacy – how does it affect IT asset disposition and destruction?

Posted in Blog

Glenn Laga

Whether you’re company is B2B or B2C, consumer data privacy has an impact on your data storage and data destruction. IT asset management and data security have some federal oversight based on specific industries (such as health, financial, credit card) but most regulation (right now) is a state-by-state patchwork of laws. For companies engaged in international business, the most comprehensive data privacy law is the General Data Protection Regulation (GDPR) covering the EU. 

The result? A digital version of the Wild West: laws based on geography, a few standout sheriffs (California we’re looking at you) and an occasional whopper fine as a public reminder to walk the line. With the current mish-mash of regulatory oversight, data security is focused on brand protection with an adherence to the highest level of applicable state and federal law — no matter where business is happening.

“The United States doesn’t have a singular law that covers the privacy of all types of data. Instead, it has a mix of laws that go by acronyms like HIPAA, FCRA, FERPA, GLBA, ECPA, COPPA, and VPPA.”

The State of Consumer Data Privacy Laws in the US (And Why It Matters), New York Times, Sept 6, 2021

Data privacy by industry

“Currently, privacy laws are a cluttered mess of different sectoral rules. “Historically, in the US we have a bunch of disparate federal [and state] laws,” said Amie Stepanovich, executive director at the Silicon Flatirons Center at Colorado Law. “[These] either look at specific types of data, like credit data or health information,” Stepanovich said, “or look at specific populations like children, and regulate within those realms.” (The State of Consumer Data Privacy Laws in the US, New York Times, Sept 6, 2021) 

In addition to the variance in state regulations, IT data disposition processes, policies and compliance vary by company, geography, history, legal viewpoint, brand awareness and industry sector: 

  1. Banking & Finance.  Gramm-Leach-Bliley (GLBA), the Federal Trade Commission’s Fair and Accurate Credit Transactions Act (FACTA), the Payment Card Industry Data Security Standards (PCI DSS) and the Sarbanes-Oxley Act (SOX) 
  2. Education. Family Educational Rights and Privacy Act (FERPA), and  the Individuals with Disabilities Education Act (IDEA)
  3. Healthcare, Pharmaceutical and Insurance. Protected health information (PHI) is protected by the Health Insurance Portability and Accountability Act​​ (HIPAA) regulations and the Payment Card Industry Data Security Standards (PCI DSS) 
  4. Government, Nonprofit. Publishing, Research & Development and Retail and eCommerce. The California Consumer Privacy Act and the Children Online Privacy Protection Act (COPPA) and the Payment Card Industry Data Security Standards (PCI DSS).
  5. Real Estate. Legal & Corporate, Manufacturing, Tech & Cloud Providers. Varies by industry served and state

Trusted suppliers are essential for data privacy management

No matter the industry or location, look for vendors who satisfy the requirements of the project, the industry, any and all regulations and corporate policies. The results forge lasting business relationships with the confidence that your data and asset management programs are executed at the highest level.

Additional resources to help you stay ahead of data security and privacy challenges:

As a channel partner to VARs, ITADs, MSPs and resellers, Guardian’s services reduce risk, cost and overhead while shouldering the burden of compliance, industry know-how and logistics. If you have a data security or data destruction conundrum, talk to us. We know the regulations and work with IT asset management process and programs to solve problems, provide all documentation and ensure that your reputation sparkles.

Find a VAR or ITAD>

Ready to get started?

Get a quote > Discuss your challenge >

7 BIG ITAD trends from IAITAM ACE 2022

IAITAM ACE 2022 focused on the burgeoning opportunities and responsibilities of IT asset management in a post-COVID reality. ITADs, asset managers and software solution providers …

7 BIG ITAD trends from IAITAM ACE 2022 Keep Reading >

Keep Reading >

Why choose data erasure services instead of shredding? Or degaussing? Or mutilating?

There’s only one reason to choose data erasure instead of other types of eData destruction: to retain and reuse the hard drive for remarketing or …

Why choose data erasure services instead of shredding? Or degaussing? Or mutilating? Keep Reading >

Keep Reading >

Top 5 Data Destruction Trends and Takeaways from the (NAID) i-SIGMA Conference 2022

The Guardian team recently flew back (and boy, are our arms tired) from the i-SIGMA  (International Secure Information Governance & Management Association) National Conference and …

Top 5 Data Destruction Trends and Takeaways from the (NAID) i-SIGMA Conference 2022 Keep Reading >

Keep Reading >

Stay in the know

Get relevant information right in your inbox

We do not sell or share your information with anyone

Previous Next
Close
Test Caption
Test Description goes like this