April 15 2010 - Disposal of e-waste and proper data destruction
Any larger organization likely has in place policies to deal with end-of-life electronic products, including computers, printers, copiers, cell phones, etc. This is probably taken care of by those responsible for IT infrastructure within the organization.
However, it is essential that the individual(s) responsible for the protection of personal information within an organization be aware of how these devices are disposed of, and that policies are in place to ensure that personal information (and other confidential data) is completely erased before any device leaves the custody of the organization.
This issue of PrivacyScan looks at how e-waste is currently dealt with in Canada, and how to ensure that organizations can properly dispose of e-waste without exposing individuals to unnecessary risks through the inadvertent disclosure of personal information.