E-waste and GDPR – how to comply
Today, it’s impossible not to rely on electronic items for both business and socially.
Your electronics have come to the end of their life. Do you know what to do regarding disposing of electrical items without harming the environment and compromising your data security?
From something as simple as the office PC, to photocopiers, smartphones or smart speakers – our lives wouldn’t be the same without them. They hold so much data and we expect them to last. But unfortunately, they do have a shelf life.
GDPR overview
In case you’ve been in a bubble for the past year or so, you’ll have certainly heard of the General Data Protection Regulation (GDPR). These regulations came into force in May 2018. They provide us all with reassurance that businesses and organisations are handling and processing both our personal and business data in a responsible and secure manner. GDPR not only encompasses digital records but also refers to hardware, software and mobile devices as well as the storage and disposal of paper records. Businesses both large and small should now have a policy and procedure as to how they seek to comply with GDPR and avoid a potential data breach and a fine.
Disposal of e-waste
Currently, the Waste Electrical and Electronic Equipment (WEEE) regulation offers guidance to businesses on disposing of electrical items. Electronic items contain a variety of metals, plastics and glass that can be re-used if dismantled and handled properly. Any item containing a battery must also be handled carefully. Don’t forget that laptops, mobile phones and remote controls all contain batteries that need recycling. Avoiding landfill and preserving our precious elements is something we should all be conscious of.
How does GDPR relate to e-waste?
Presently only a fraction of e-waste is documented as being recycled. This leaves a significant gap and potential data breach that is a true threat for businesses. The proper handling of e-waste is not just a data security issue, but an environmental one. Under GDPR, both the controller of the e-waste and the processor are responsible for adequate disposal.
How to dispose of responsibly for GDPR
The most responsible way of disposing of electrical items is to arrange for it to be handled by a registered waste carrier. These specialist companies have the experience to know how the individual item should be disposed of, for example a hard drive containing sensitive company information is handled differently to a computer monitor. Throwing out your electronic waste along with your regular rubbish could pose a significant risk to your data security. Any appliance with a hard drive must be backed up if needed, then wiped using special software prior to removal. That way you can be doubly sure that the data contained has been erased. A compliant waste carrier will then degauss the hard drive (wipe the data using a magnet) prior to shredding in a secure environment.
If you need help or guidance on disposing of electrical items, then please contact us for more information or a detailed quote.