TRAKK-IT Quote

ADISA and Data Security – Explaining Standard 8.0 and GDPR Compliance

By Nathan Church

Posted 6th November 2023

Earlier this year, S2S Group extended an invitation to Steve Mellings, the founder and CEO of ADISA, to provide his insights on the current challenges within data security and the future trajectory of the sector.

WEEE

Over the past decade, ADISA has dedicated its efforts to promoting best practices in data sanitisation and data protection. Presently, ADISA serves as a certification authority, collaborating with organisations worldwide and furnishing them with impartial assessments of their compliance with its own established standards. This invaluable certification instills confidence in these organisations regarding their suppliers and their internal business processes.

During this video interview, Steve engaged in a discussion with Rachel Hall, the Director of Operations at S2S Group, about how the ADISA Standard 8.0, a set of standardised criteria has been established for IT Asset Recovery and received approval from the ICO for UK GDPR compliance.

Also, how engaging with a certified company adhering to these criteria, can allow businesses to be confident that their chosen partner has undergone rigorous scrutiny, and can substantiate their adherence to GDPR regulations when delivering IT asset recovery services.

Main principles of ADISA Standard 8.0

  • Steve explains the main principles of the ADISA Standard 8.0 for ensuring GDP compliance.
  • The law includes requirements for appropriate technical and organisational measures, providing guarantees to customers, and setting up the relationship between the controller and processor.
  • ADISA Standard 8.0 has been pre-screened by ICO regulators and deemed sufficient for compliance.
  • The standard is based on business impact tables and assesses threat profile, risk appetite, volume of data, types of data, and the impact of a data breach.
  • The standard includes the protection of corporate secrets in addition to personal and special category data.
  • Organisations can use a software tool provided by S2S Group or ADISA to determine their compliance level and generate a service specification.
  • Using a certified company and the software tool makes compliance easier and has minimal impact on the organisation.

    • Standard 8.0 Video Interview Highlights

    • Steve explains the ADISA Standard 8.0 for GDPR compliance.
    • Standard 8.0 has been pre-screened and approved by regulators.
    • The standard is based on business impact tables.
    • It assesses threat profile, risk appetite, volume of data, types of data, and the impact of a data breach.
    • Corporate secrets are included in the high-level data protection requirements.
    • Software tools provided by S2S Group and Adisa simplify compliance assessment and generate service specifications.
    • Using a certified company and the software tool ensures legal compliance with minimal impact.

      • Do you have an IT recycling requirement?