Data Destruction

Call us today on 0333 323 7677

WEEE Shred UK offers a secure certified data destruction service which supports organisations in meeting compliance requirements and environmental responsibilities e.g. the WEEE directive.

Our flexible expert approach offers organisations the ability to destroy data with a full traceable audit trail. We assess our customers’ requirements on a case-by-case basis and thus provide an accurate and fair cost prior to a project being undertaken.

Following on from the recent record fine for improper IT disposal, the information Commissioner’s Office has just released guidance notes on how organisations can avoid similar action when disposing of their data carrying equipment.

Get a Quotation

Data Destruction

What differentiates our service from the competition?

  • Use of our own satellite tracked vehicles and security cleared drivers
  • Full UK coverage with no minimum collection quantities
  • Full Environmental Permit and Authorised Treatment Facility
  • 96.4% client retention rate since 1999
  • ADISA accredited (Asset Disposal & Information Security Alliance)
  • Members of ICER (Industry Council for Electronic Equipment Recycling)
  • Safe Contractor accredited
  • ISO 9001, ISO 14001 and ISO 27001 accredited
  • Investors in People accredited
  • Security cleared staff
  • Open book pricing policies with guaranteed rebates
  • Data wiping and certification to the highest recognized standards
  • Comprehensive asset reporting
  • Customer employee purchase schemes managed FOC
  • No hidden extras

On the day of collection we provide both a Duty of Care Transfer Note and Hazardous Waste Consignment Note, which have to be signed by both the customer and a WEEE Shred representative.

A comprehensive asset report is produced for every collection. Every item of equipment except for minor peripherals is logged into the asset report. Asset reports are forwarded in electronic format.

A typical asset report will include the following information as a minimum, although additional information can be added if required:

  • Make, model and specification of each item of equipment
  • Unique barcode asset number for each item of equipment
  • Equipment condition (Grade)
  • Customer asset number if applicable
  • Equipment serial number
  • Data erase certification for individual hard drives
  • Confirmation of resale or disposal
  • Additional comments
  • Collection summary

The Importance of using an ADISA accredited company

Launched in October 2010, the Asset Disposal and Information Security Alliance (ADISA) is a group of leading experts on the area risk management, compliance and data protection within the area of IT Asset Disposal.

The primary ADISA objective is to highlight the IT security risk within the asset disposal process and to work with all parties to help improve service quality, raise professionalism and ensure data is protected by an acceptable sanitisation process.

ICO Recommendation: Create an asset disposal strategy – this needs to:

  • Include clear instructions on desire to re-use, re-cycle or destroy.
  • Conduct a risk assessment of the disposal process.
  • Identify devices containing personal data.
  • Catagorise the personal data.
  • Ownership of the chain of custody when using a third-party service provider.

ICO Recommendation: When selecting an IT asset disposal company, you should:

  • Choose a company that offers sufficient guarantees about its security measures.
  • That uses independent approval of products.
  • Conduct a client site assessment and audit.
  • Continue to audit throughout the business relationship.

Information Security – the Importance of Certified Data Destruction

There are serious ramifications if sensitive company data falls into the wrong hands. Many organisations, and have been prosecuted under the recently updated 1998 Data Protection Act.

The 1998 Data Protection Act, a variety of compliance (ISO27001, PCI DSS etc…), and other legislative requirements make it mandatory adopt appropriate robust security measures. Organisations also have a responsibility to prevent unauthorised access, alteration or accidental loss or destruction of personal data. Failure to remove personal data from a computer’s hard drive may result in Crown Court prosecution and unlimited fines, which may include personal compensation claims.

The only way to permanently destroy data, without physically destroying the hard disk, is by multiple overwriting of the data by generating and recording random characters across the entire surface of the drive, resulting in all data being destroyed and file sizes reset to zero.

There is an increasing number of standards including the American Military standard DOD 5220.22-M or Infosec Enhanced Standard 5. In essence these standards dictate that the drive has to be over written a minimum of 3 times.

WEEE Shred UK uses the latest CESG approved overwriting software that exceeds this standard and allows us to overwrite our customer’s hard drives up to a maximum of ninety-nine times. In the event that a hard disc cannot be data erased or if it is below 40GB the drive will be shredded. All company references including permanent security markings will be removed from equipment.

For highly sensitive data WEEE Shred UK offers an on-site hard drive destruction service, where the customer can witness their own drives being destroyed on their premises. Our portable hard drive destruction unit is the only device of its type to be CESG approved. The crusher can destroy over 100 drives per hour and guarantees total hard drive destruction. It runs on standard electricity and can be used in an office environment with little or no disruption to surrounding staff.

There have been a number of high profile cases over the years where leading companies have fallen foul of the data protection act by allowing sensitive and/or privileged information to reach the public domain. In most cases this can be traced back to the IT disposal company who simply did not take appropriate measures to erase or safeguard their client’s information.

Our data erase software is one of only 3 that is CESG approved and our wiping process meets the highest recognised standards in the UK. We produce a certificate for every hard drive detailing the drives make and serial number.

Under the WEEE Directive you still cannot dump redundant electronic equipment, thus you will have to engage the services of a reputable IT disposal company. In addition to your recycling responsibilities you must adhere to the Data Protection Act and ensure that all data is wiped and certified.

Additional Services

WEEE Waste Service

WEEE Shred UK offers a WEEE waste recycling service that will support organisations in meeting compliance requirements and environmental responsibilities e.g. the WEEE directive. Our flexible expert approach offers organisations the ability to responsibly recycle and dispose of WEEE equipment and provide a fully traceable audit trail.

Shredding Service

WEEE Shred UK is a better alternative for all your secure shredding services, including hard drive shredding, disposal of confidential information and recycling. We place great emphasis on your company and employee security, data protection compliance and outstanding
customer service.

FAQs

Latest News

Contact Us