Published on December 22, 2018, Updated on April 4, 2022

As service providers gather increasingly personal levels of information across larger and larger cross-sections and demographics, the government has worked hard through legislation and compliance laws to ensure those providers do everything possible to protect that data. One component of these requirements includes what must be done with personal data once a company no longer has need of it and it’s no longer required to be kept on file. In many cases, the legislation requires service providers to procure and keep on file a Certificate of Destruction to verify that data has been destroyed in a way that it could no longer be retrieved.

Necessary Components Track Chain of Custody

Certain information should be included in order to create a thorough document that meets the criteria outlined by compliance requirements:

  • Unique serialized tracking number.
  • Date, location, and agreement to assume custody of data.
  • Terms and conditions agreed to by the two parties as to the destruction of data.
  • Acceptance of fiduciary responsibility by the organization destroying the data, to assume liability to maintain confidentiality of the data while it’s in provider’s possession.
  • Date liability assumed, date of destruction, location of destruction, and witness.

Learn Is throwing electronics away illegal?

Regulatory Compliance Requirements

While there are numerous local- and state-level data protection requirements, there are several major government legislative compliance laws that require service providers to obtain Certificates of Destruction when acceptable methods of information disposal are followed, which include the use of software to overwrite media, data purging through degaussing, or total destruction of the media through means such as pulverization, incineration, or shredding.

This is not an exhaustive list by any means, but it provides an idea of the types of protections that are in place and why Certificates of Destruction are such a crucial component in the lifecycle of private consumer data.

Learn Recycling Used Commercial Electronics

A Data Destruction Service Devoted to a Greener Planet

To alleviate the burdens on businesses of managing the disposal of outdated data storage mediums, 1 Green Planet offers free disposal of appliances and technology, as well as data destruction services in line with federal requirements, complete with providing complete Certificates of Destruction. Contact us today to set up a pick up or arrange to drop off your equipment.

More about Hospitals IT Equipment eWaste Recycling Services.