Complying with GLBA Data Destruction

Complying with Gramm-Leach-Bliley (GLBA) data destruction requirements is an absolute necessity in today’s business climate of data breaches. To help our clients, we provide secure onsite hard drive destruction services certified by the National Association of Information Destruction (NAID).

Gramm-Leach-Bliley (GLB) -FTC Safeguards Rule

The Gramm-Leach-Bliley Act (GLB) requires companies defined under the laws as “financial institutions” to ensure the security and confidentiality of information such as: customer names, addresses, phone numbers and social security numbers. This requirement includes companies of all sizes that are “significantly engages” in providing financial products or services.

Are you at risk of financial liability?

Federal legislation, such as GLB, HIPAA and HITECH require companies to conduct due diligence when hiring data destruction vendors. You may be taking unnecessary risk if your data destruction vendor …

  • Is not certified for hard drive and backup tape destruction.
  • Cannot provide onsite hard drive destruction.
  • Does not offer serial number report with the Certificate of Destruction.
  • Does not detail in written their data destruction responsibilities.
  • Does not carry professional liability insurance specific to data destruction.

GLBA Compliance and FTC Safeguards Rule

The Safeguards Rule requires companies to develop a written informational security plan that describes their program to protect customer’s information. As part of its plan, the company must (in part):

  • Select service providers that can maintain appropriate safeguards, make sure your contract requires them to maintain safeguards, and oversee their handling of customer information.

How does E-Waste Security help with GLBA compliance and FTC Safeguards Rule? Our mobile unit physically destroys digital data (hard drives, backup tapes and CDs/DVDs) at your location, while you watch.

Securing Information – Compliance with GLB and FTC Safeguards Rule

The FTC Safeguards Rule requires companies to address the risks to customer information in all areas of their operation. Firms should consider (in part):

  • Maintain a careful inventory of company’s computers and any other equipment on which customer data is stored.
  • When hiring an outside disposal company, conduct due diligence beforehand by checking references or requiring that the company be certified by a recognized industry group.

How does eWaste Security help you comply with FTC Safeguards Rule “Securing Information”? eWaste Security is certified by the National Association of Information Destruction (NAID) for the destruction of hard drives and other non-paper media (backup tapes, CD’s/DVDs). In addition, eWaste Security provides a Certificate of Destruction complete with a serial number report for all hard drives.