Equipment Surplus & Secure Media Destruction Michael Thorn, Data Security Specialist.

Slides:



Advertisements
Similar presentations
HES Data Management Ari Haukijärvi. Planning of HES Data Management Purpose of the data management The data will be available for analysis The available.
Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
Asset Management Overview of asset procedures How to have assets removed or transferred to another department Contact information for asset staff.
Michelle Ross Sheila Hensley January 2015.
K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.
Resolution Categorization
Data Security Audit October 13 th, 2010 Thompson School District.
Aspects of Electronic Waste Disposal Lawrence P. Hayes P.E. E-Waste Experts, Inc.
NOAA Computer/Hard Drive Sanitization Validation Form and PDA/Cell Phone Destruction Worksheet.
Information Security Information Security for Research Thursday October 14 th 2010.
E-Discovery New Rules of Civil Procedure Presented by Lucy Isaki January 23, 2007.
Data Destruction and the Impact on Recycling Albert Hacker – Business Solutions Advisor (615)
Media Sanitization How to get rid of unwanted data so no one else can get it.
Safe Computing Dave Carter, CISSP Michigan State University College of Agriculture and Natural Resources.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Federal Acquisition Service U.S. General Services Administration January 2009 U.S. General Services Administration COMPUTERS AND ELECTRONICS DISPOSAL.
RECORDS RETENTION AND DISPOSITION October 30, 2013.
Embedded System:ARM 1 The ARM Company. Embedded System:ARM 2 History of ARM.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,
Session V Records Management Process Development
Section Three: Protection of Controlled Unclassified Information Note: All classified markings contained within this.
CMS Bureau of Property Management State Surplus Property Recycling & Scrap Electronics Chip Gass, I-Cycle Coordinator on behalf of Curtis A. Howard, Administrator.
U.S. Department of Energy’s Consolidated Audit Program (DOECAP) U.S. Department of Energy’s Consolidated Audit Program (DOECAP) Dr. Todd L. Hardt DOECAP.
Data Destruction and the Impact on Recycling. Innovation in Data Theft Ransomware.
Federal Recycling Program The Transaction is Easy Program Participants
OPSEC Awareness Briefing Multi-Function Printer (MFP) Security.
Protecting Sensitive Information PA Turnpike Commission.
 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.
Office Competencies Chapter 7 Review. What is it called when you hire temporary workers for a specific project?  Just-in-time hiring.
Electronic Public Record What is it, and Where Can Agency Lawyers Find It?
Fixed Assets. Definition Capital Asset Tangible Life is greater than 1 year Significant value ($5,000 or greater per unit) Identified and controlled through.
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.
ELECTRONIC RECYCLING ELECTRONIC EQUIPMENT RECYCLING WEB CONFERENCING RECYCLED TONER CARTRIDGES.
Managing the Retention of Electronic Records Ann Marie Przybyla Electronic Records Symposium Region 9, November 2007.
Best Practices for Protecting Data. Section Overview Mobile Computing Devices Technical Procedures Data Access and Permissions Verbal Communication Paper.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.
UAB IT Security Program Sallie Wright UAB AVP, Information Technology.
Media Sanitization at the Idaho National Laboratory Jonathan Bates NLIT 2009.
2011 NPMA Conference Series III National Capital Area Conference Leaders in Asset Management National Capitol Area Conference Rick D. Parker,CPPM November.
Records Management Is Not an Option Anymore
Tampa Computer Recycling. Our Tampa computer recycling company takes responsibility of safely disposing of all older computer systems and their electronic.
Disposal of Computers and Computer Related Equipment Rebecca A. Regan Technology & Integration August, 2012.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
Data Destruction and the Impact on Recycling Sean Magann – Vice President of Sales and Marketing (510)
Title I Bookkeepers’ Training Property Control October 7, 2015.
Presentation for Export Control Coordinator’s Organization: Deemed Exports Alex Lopes Director Deemed Exports and Electronics Division Office of National.
Information Security. Your responsibilities as a Government of Canada employee.
IT Jobs Positions available in the field of Information Technology.
NOAA Computers/Hard Drives/Scanners/Printers/Monitors/Any Assets Retaining Information Sanitization Validation and PDA/Cell Phone Destruction Worksheet.
Electronic Waste Recycling Necessary for a Green Future.
BITS ‘N’ BYTES III Sharon Ricketts Williams, Recycling Coordinator Patricia Edington, Supply Technician VA ILLIANA HEALTH CARE SYSTEM DANVILLE, IL
RECORDS MANAGEMENT Judith Read and Mary Lea Ginn Chapter 12 Electronic Media and Image Records 1 © 2016 Cengage Learning ®. May not be scanned, copied.
Computers Mrs. Flowers University High School.
Handling Personal Data & Security of Information Paula Trim, Information Officer, Children’s Strategic Services, Mon – Thurs 9:15-2:15.
Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.
Items For Secure Media Recycling Bins
Part B Computer Storage
Overview and Requirements
Advanced Environmental Management (AEM) Training Phase I
Saturday July 22, am to 2 pm ON THIS DAY ONLY Radios
Fundamental of Information Communication Technology (ICT)
Archive / Destruction / Disposal
Personal Computers and Applications
Asset Management Overview of Asset Management function and procedures
\\hecnybiz\itdoc\compliance\disposal procedure\hardware disposal.ppt
Microsoft Windows 7 Basics
Secondary Storage Devices
Presentation transcript:

Equipment Surplus & Secure Media Destruction Michael Thorn, Data Security Specialist

 May 2009, Pfizer – employee inadvertently tossed out “home use” hard drive in the trash  June 2009, DOD vendor – military contractor disposes of hard drive in foreign country  October 2009, US Veterans Affairs – vendor transferred failed hard drive to recycler Recent Headlines

 Choose the “keep your hard drive” option on new purchases  To be or not to be…Green  Extend awareness to include home users and alternate work locations What Can UAB Do?

October 2008 – Data Destruction Day Hard drive CD/ DVD 3.5 FloppyTape-diskReel tape Device Count Totals Storage in Gigabytes Totals3, Fun Stat Total Terabytes of Storage Media Destroyed ,600 Total Reel tape length(ft) Total Reel tape length(miles)

Data ClassificationMedia Count HIPAA707 Proprietary45 FERPA18 Compliance Picture

Best Practice: Storage Media Disposition

Secure Media Destruction Form Found at: main.uab.edu/Sites/it/faqs/57722/

 Hazardous Waste Holding Facility: Freddie Crews  Phone:  Address: 400 3rd Ave S Birmingham, AL  Schedule a destruction time Direct Contact for Secure Media Destruction

 Surplus Warehouse wants them Obsolete/Old/Unused Computers, Copiers and Printers

Transferring Equipment to Surplus

Storage Media Identification Process Obsolete or Broken Electronic Equipment – Laptop and desktop computers generally contain mass storage media. However, printers, copiers and fax machines may contain hard drives as well. Does the equipment contain an HD? – Some multipurpose office machines have computer hard drives designed into the devices architecture. Remove Hard Drive – Depending on the device, a hard drive may be easily accessible via a convenient service panel on the equipment, or located obscurely internal to the outer frame of the equipment. Destroy – Hard drive media should be destroyed using the industrial shredder located on campus. Validate – Assure qualified personnel have followed the correct procedures for media sanitation. Document – Maintain chain-of-custody documentation to verify the disposition of hard drives has been attained and for future auditing purposes.

Business Class Copiers, Scanners and Printers