The seemingly endless need to upgrade and improve our IT and communications hardware is nothing new. Ever more sophisticated software inevitably requires more computing power – both on the desktop and in the smartphone.
Not surprisingly, this has led to a growing problem of e-waste: underpowered computers, obsolete handsets and the like are becoming a problem for society as a whole and for businesses in particular.
While proper recycling through a specialist e-waste recycling agency is the responsible thing to do for all parties, there is a further complication for business users of which we have been aware for some years. And that is data security.
In the wake of last month’s new legislation on mandatory reporting of data breaches, it is worth noting that IT industry figures indicate that around 16% of all data breaches occur at asset disposal.
It is all too easy to forget that valuable and sensitive data is at the heart of all our IT and communications activities, whether it be a mailing list held on a computer hard drive or even something like a sales contact database on a smartphone. And the release of such data during the disposal of equipment can constitute a notifiable data breach.
Under the new legislation, the consequences can be significant. Noncompliance with the Notifiable Data Breaches scheme is punishable by civil penalties of up to $340,000 for individuals and up to $1.7 million for companies.
Speaking personally for Industry Update, I have always ensured that the hard drives have been removed from all our surplus computers before they have been sold or recycled. And they are kept under lock and key (at a secret location).
I have been amazed at the numbers of people who have told me that this was overkill. But I have always maintained that as a media organisation we are entrusted with data about our readers and our advertisers and they all have a right to privacy.
Now it seems the law agrees.