Every information technology (IT) asset — including computers, tablets, and TVs — eventually becomes obsolete. However, you should not throw outdated electronics out with the rest of your trash. Doing so is wasteful, bad for the environment, and risky to your personal safety.
Read this article to learn about the proper way to dispose of computers. We cover some key dos and don’ts of computer disposal, the benefits of recycling, legal requirements, and how an IT asset disposition (ITAD) company can properly prepare electronics for recycling.
3 Computer Disposal Dos and Don’ts
Disposing of computers requires you to follow certain standards. Here are three dos and don’ts to help you get started down the right path:
1. DON’T Put Old Computer Equipment Out With the Trash
Putting your computer, laptop, phone or tablet out at the curb on trash day may seem like the quickest and easiest option for getting rid of it. It also poses the most risk to you, the environment, and human safety. Batteries are one of the leading causes of fires and health hazards at material recovery facilities, and when you consider how many of our personal electronic devices use batteries these days, you can understand why sanitation companies don’t want them in your curbside bin.
But the biggest risk is to your personal data. Computers that don’t go through proper data destruction or sanitization can be hacked and scraped for data long after they’re taken offline – and you could be liable for what they find.
Besides, why waste something that can be repurposed and remade? Even outdated electronics have useful components and materials, but they’re not going to be of use to anyone in a landfill.
2. DON’T Try to Delete Your Data Yourself
Before you dispose of your computers, you’ll want to back up all of the information onto permanent or cloud storage systems. Once the data is backed up, you just hit delete and it’s gone, right?
Not exactly. Do-it-yourself methods of removing data, like emptying your recycle bin, performing a “factory reset,” degaussing your hard drive, or even smashing your computer with a hammer, are not enough to guarantee that the data can’t be recovered. Data that is simply “deleted” from a hard drive still exists until that drive is rewritten or destroyed. If you want peace of mind about your data, don’t rely on these methods alone.
3. DO Contact a Professional Data Destruction Company
Once you’ve backed up your files, contact a professional data destruction or electronics recycling company. To ensure your computers are properly disposed of, pick a professional electronics recycling company that provides the following services:
- Data audits and reporting: The proper paper trail can protect you from liability in the event of a data breach. Reports should detail the make, model, and serial numbers of each asset and how they were prepared for disposal.
- Certificates of Destruction and Disposal: In addition to reports, these documents are often required as proof that proper procedures were followed and to establish the chain of custody.
- Secure transportation and facilities: Your computers are vulnerable from the moment they leave your property. A data destruction provider with their own transportation and crew removes the element of risk from transit & shipping.
Never use uncertified data destruction or computer disposal companies. Many uncertified recyclers collect electronics and sell them without data security protocols or safeguards, exposing you to various threats, including identity theft, data theft, and data loss. This, in turn, may also cost you a fortune in penalties, reputational damage, and legal fees.
In contrast, certified data destruction and computer disposal companies comply with relevant laws and regulations. They safeguard protected health information (PHI) and personally identifiable information (PII) when discarding electronics.
Legal Requirements for IT Asset Disposal
Hiring the right computer disposal company doesn’t only protect you from cyber threats. It also ensures compliance with international, national, state, and industry-specific privacy laws, such as:
General Data Protection Regulation
The General Data Protection Regulation (GDPR) applies to companies handling the personal data of European Union (EU) residents, including businesses established outside of the EU if they sell services or goods to EU residents or monitor their data.
To comply with the GDPR, companies must do the following when eliminating, clearing, or erasing digital content:
- Give users an option to delete all personal data, including browsing and sales histories. This must be a practical option that eliminates old data and stops the flow of new content as soon as possible.
- Ensure old content or data is securely erased. Just deleting it through the server or operating system isn’t enough — you need to hire a certified computer disposal company to erase your data.
- Properly dispose of the hardware. A certified data destruction company can perform permanent erasure solutions on your hardware, such as degaussing. The company can also crush, shred, and incinerate your computer for full compliance.
California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) enhances consumer protection and privacy rights for residents of California. It applies to any for-profit entity that does business in California and meets one or more of the following:
- Has an annual gross revenue of over $25 million
- Buys, sells, or receives the personal information of 50,000 or more households, consumers, or devices
Under the CCPA, consumers have the right to request the deletion of personal data from companies that have collected it from them. As with the GDPR, deleting files from your site or hard drive is not enough — you also need to securely destroy, recycle, or repurpose various IT equipment types.
The CCPA will be amended by the California Privacy Rights Act in January 2023. Starting then, it will only apply to entities that do business in California and meet any of the following criteria:
- Have a gross annual revenue of over $25 million
- Derive 50% or more of their annual income from sharing or selling Californians’ personal information
- Buy, receive, or sell the personal data of 100,000 or more Californian households, devices, or residents
Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) ensures reasonable safeguards for data protection. To comply with HIPAA standards, you must:
- Encrypt all PHI on devices and delete the decryption or encryption key to prevent future decryption
- Destroy hard drives through drive shredding or magnetic degaussing when necessary
- Destroy data while maintaining appropriate privacy safeguards, such as block read and unerase utilities
- Train staff members who are involved in the data destruction process
Start Recycling Your Computers the Right Way Today
As you can see, proper data destruction and computer disposal can be a complex process.
Luckily, Cobalt has your back. As a certified ITAD company, we offer data destruction services and electronics recycling for businesses, governments, schools, non-profits and other organizations that rely on a heavy IT infrastructure and require top-notch security. We accept a wide range of standard office equipment, including:
- Computers
- Network equipment, including modems, servers, and routers
- Hard drives and external storage
- Tablets and laptops
- Scanners, printers, and copiers
- Computer accessories, including docking stations, mice, keyboards, and speakers
Contact Cobalt today to learn more about our services and how we can help you.