ADISA and data security – What advice would you give to companies?

Who are ADISA and what role do they play in data security?

Incorporated in 2010, ADISA has spent over 10 years promoting best practices for data sanitisation and data protection working with organisations across the globe. As a certification body, ADISA data security offers independent validation of compliance to our own Standards to help organisations have confidence in their suppliers or in their own business process.

In 2021, ADISA Standard 8.0 was formally approved by the ICO as a UK GDPR Certification Scheme and the certification process was approved by UK Accreditation Service (UKAS) in August 2022.

ADISA Standard 8.0

What advice for companies looking to release IT assets?

When looking to dispose of IT assets, companies first need to change their perception of those assets. If businesses are treating IT equipment as a waste byproduct for the business, so for example are these items sitting in a cupboard that nobody cares about, this perception will often lead to the poor treatment of those assets.

Assets can and should be treated as important to the company, therefore if those items are treated as important engaging with companies who share this outlook will ensure a better outcome. Specialist companies in the processing of electronic waste (e-waste) understand the complexities of handling these items responsibly. An example of this is the treatment of persistent organic pollutants, these chemicals present in e-waste have to pass a number of assessments in order to comply with current legislation.

Lastly, companies should look to redesignate equipment as potentially suitable for reuse. Just as an asset may have reached its useful lifecycle at a business, this does not mean that the same asset is not useful if repurposed. IT equipment can be repurposed within an organisation or can be donated to charities specialising in bridging the digital poverty gap. There are therefore multiple ways retired equipment can do good either via philanthropy or the sustainable benefits of reusing equipment and extending the lifecycle of current assets.

Are there any risks associated with the redistribution of IT Assets?

Distribution of assets especially those that hold data can come with risks. Protection of sensitive company information is essential for corporate reputation. The loss or leaking of this information can have very real-world consequences if for example GDPR laws have been found to have been broken. With this in mind, the importance of certification cannot be overstated. Companies holding the correct certificates provide businesses with the reassurance that their assets and by extension company information is treated properly and in line with relevant legislation.

Further advice for companies

Businesses should certainly use a certified company but using certified products for sanitisation is really important as well. Lots of organisations specify products or even an approval scheme within their contracts but they need to be very careful which schemes. Companies need to check and continue to check validity, schemes and accreditation bodies can be merged, lapse, or cease to exist. If this is not possible using an accredited partner is essential as they ensure that all accreditations are up to date and legally compliant for the service that is required.

For more information on the data security services S2S Group offer, you can either get in touch, or read more on the full service list.

Do you have an IT recycling requirement?