Achieving sustainability through lifecycle management.
Digital transformation is affecting all manner of industries and businesses today as organisations seek to transform business operations, improve staff productivity and build a competitive and profitable company for the future. This could mean moving systems to the cloud, updating end-user devices, increasing automation, or all three, but whatever technology is implemented, it should contribute to improving agility within the business.
However what can often be overlooked in the race to transform, is what happens to the old technology. Whether the equipment is intended for disposal or for recycling environmental legislation requires organisations to 'ensure that waste is recovered or disposed of without endangering human health or causing harm to the environment'.
In addition, any data held on this technology must be 'handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage' according to GDPR regulations.
Organisations may seek partners to help them with the physical and data disposal of their assets, however it is important for them to understand the implications of the legislation and the dangers of getting it wrong.
The UK Waste Electrical and Electronic Equipment (WEEE) Regulations were first introduced in 2007 with the aim of reducing the amount of electrical and electronic equipment (EEE) ending up in landfill. Their main aim is to force manufacturers, producers and distributors of electronic equipment to put in place methods for safe disposal. Any business which purchases IT equipment is responsible for making sure that their technology is treated, recycled, recovered or disposed of correctly.
Any organisation that collects personal data has an obligation to protect it in terms of ensuring appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, and using the correct technical or organisational measures. In essence, it's about maintaining the integrity and confidentiality of employee, customer or third-party data.
Therefore, once tech equipment has become end of life, it's essential to ensure that the data is wiped and cannot be recovered under any circumstances. And it's not just the obvious technology such as servers and PCs that requires this attention. Printers...