Terms Of Use
1. Acceptance of Terms of Use and Amendments
Each time you use or cause access to this website, you agree to be bound by these Terms of Use, as amended from time to time with or without notice to you. In addition, if you are using a particular service on this website or accessed via this website, you will be subject to any rules or guidelines applicable to those services, and they will be incorporated by reference within these Terms of Use. Please read the site’s Privacy Policy, which is incorporated within these Terms of Use by reference.
2. The Site Editor’s Service
This website and the services provided to you on and via this website are provided on an “AS IS” basis. You agree that the site editor reserves the right to modify or discontinue provision of this website and its services, and to remove the data you provide, either temporarily or permanently, at any time, without notice and without any liability towards you. The site editor will not be held responsible or liable for timeliness, removal of information, failure to store information, inaccuracy of information, or improper delivery of information.
3. Your Responsibilities and Registration Obligations
In order to use this website or certain parts of it, you may be required to register for a user account on this website; in this case, you agree to provide truthful information when requested, and — if a minimum age is required for eligibility for a user account — you undertake that you are at least the required age. By registering for a user account, you explicitly agree to this site’s Terms of Use, including any amendments made by the site editor that are published herein.
4. Privacy Policy
Registration data and other personally identifiable information that the site may collect is subject to the terms of the site editor’s Privacy Policy.
5. Registration and Password
If you create a user account on this site, you are responsible for maintaining the confidentiality of your password. You will be responsible for all usage of your user account and username, whether authorized or not authorized by you. You agree to immediately notify the site editor of any unauthorized use of your user account, username, or password.
6. Your Conduct
You agree that all information or data of any kind — whether text, software, code, music, sound, photographs, graphics, video or other materials (“content”) — made available publicly or privately, is the sole responsibility of the person who provided said content. You agree that this website may expose you to material that may be objectionable or offensive. The site editor will not be responsible to you in any way for content displayed on this website nor for any error or omission.
By using this website or any service provided, you explicitly agree that:
(a) You will not provide any content which may be construed as unlawful, illegal, threatening, harmful, abusive, harassing, stalking, tortious, defamatory, libelous, vulgar, obscene, offensive, objectionable, pornographic, designed to interfere with or disrupt the operation of this website or any service provided. Any content submitted that is infected with a virus or other destructive or deleterious programming does give rise to civil or criminal liability. Any content provided or conduct violating applicable local, national, or international law is a breach of our Terms of Use.
(b) You will not impersonate or misrepresent your association with any person or entity; you will not forge or otherwise seek to conceal or misrepresent the origin of any content provided by you.
(c) You will not collect or harvest any information about other users.
(d) You will not provide, and you will not use this website to provide, any content or service in any commercial manner, or in any manner that would involve junk mail, spam, chain letters, pyramid schemes, or any other form of unauthorized advertising or commerce; you will not use this website to promote or operate any service or content without the site editor’s prior written consent.
(e) You will not provide any content that may give rise to the site editor being held civilly or criminally liable, or that may be considered a violation of any local, national or international law, including — but not limited to — laws relating to copyrights, trademarks, patents, or trade secrets.
7. Submission of Content on this Website
By providing any content to this website:
(a) You agree to grant the site editor a worldwide, royalty-free, perpetual, non-exclusive right and license (including any moral rights or other necessary rights.) to use, display, reproduce, modify, adapt, publish, distribute, perform, promote, archive, translate, and to create derivative works and compilations, in whole or in part. Such license will apply concerning any form, media, or technology already known at the time of provision or developed subsequently.
(b) You warrant and represent that you have all legal, moral, and other rights necessary to grant the site editor the licenses specified in this section 7.
(c) You acknowledge and agree that the site editor will have the right (but not obligation), at the site editor’s entire discretion, to refuse to publish, or remove, or block access to any content you provide, at any time and for any reason, with or without notice.
8. Third-Party Services
Goods and services of third parties may be advertised and/or made available on or through this website. Representations made regarding products and services provided by third parties will be governed by the policies and representations made by these third parties. The site editor will not in any manner be liable for or responsible for any of your dealings or interactions with third parties.
9. Indemnification
You agree to indemnify and hold harmless the site editor and the site editor’s representatives, subsidiaries, affiliates, related parties, officers, directors, employees, agents, independent contractors, advertisers, partners, and co-branders, from any claim or demand, including reasonable legal fees, that may be filed by any third party, arising out of your conduct or connection with this website or service, your provision of content, your violation of these Terms of Use, or any other violation by you of the rights of another person or party.
10. Limitation of Liability
You expressly understand and agree that the site editor will not be liable for any direct, indirect, special, incidental, consequential, or exemplary damages; this includes but is not limited to, damages for loss of profits, goodwill, use, data, or other intangible losses (even if the site editor has been advised of the possibility of such damages), resulting from
(i) the use of services or the inability to use services,
(ii) the cost of obtaining substitute goods and/or services resulting from any transaction entered into on through services,
(iii) unauthorized access to or alteration of your data transmissions,
(iv) statements by any third party or conduct of any third party using services, or
(v) any other matter relating to services.
In some jurisdictions, it is not permitted to limit liability and, therefore, such limitations may not apply to you.
11. Reservation of Rights
The site editor reserves all of the site editor’s rights, including but not limited to any and all copyrights, trademarks, patents, trade secrets, and any other proprietary right that the site editor may have in respect of this website, its content, and goods and services that may be provided. The use of the site editor’s rights and property requires the site editor’s prior written consent. By making services available to you, the site editor is not providing you with any implied or express licenses or rights, and you will have no rights to make any commercial use of this website or provided services without the site editor’s prior written consent.
12. Applicable Law
You agree that these Terms of Use and any dispute arising out of your use of this website or products or services provided will be governed by and construed in accordance with local laws applicable at the site editor’s domicile, notwithstanding any differences between the said applicable legislation and legislation in force at your location. By registering for a user account on this website, or by using this website and the services it provides, you accept that jurisdiction is granted to the courts having jurisdiction over the site editor’s domicile and that any disputes will be heard by the said courts.
Q&A and Regulations
What is End-of-Life Data Destruction?
Physical destruction is the preferred option for data destruction on magnetic media that will not be used any longer, even if the device is faulty. There are two methods: crushing and shredding. The PL Crusher uses powerful force applied to the drive chassis to buckle and/or pierce it. The internal platters and read/write heads are damaged beyond reasonable recovery methods, making the drive inoperable. Shredders use large cutting heads that rip drives to shreds as they enter the cutting machine.
Typically, Crushers are used in lower volume applications of less than a few hundred per day. Shredders are larger automated machines that can be operated continuously over a long period of time, making them ideal for very high volume destruction.
For most magnetic media, a crusher used on its own is acceptable. However, for highly classified information, or for extreme security requirements, storage devices may be subject to a two-step approach by also degaussing or shredding in addition to crushing.
Pure Leverage Hard Drive Crusher Compliance
By crushing the case and bending the platters in hard drives, the PL Crusher operation fits the Regulations definition of Destruction…
Many Standards and Regulations refer to “destruction”. Crushing fits the description of destruction. Circuit boards are cracked and wires are broken, disks are bent. As you know, there is no way that a HD platter could ever be flattened to the point that heads could fly over the surface and read the data. In addition, the recording surface micro-flakes on the bends, and surface areas get scratched.
PLC has sold many crushers to health organizations under HIPAA regulations, banking organizations subject to GLBA, and organizations that are certified by National Association of Information Destruction (NAID). You do not need to wipe the drives first. They are destroyed and no data is recoverable by any conventional means. It is by practical means that any reasonable judgement would deem them destroyed and unrecoverable.
Regulation Notes
NIST: Abstract 800-88… Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort. In addition, the bulletin refers to these definitions for acceptable destruction:
Bend: The use of a mechanical process to physically transform the storage media to alter its shape and make reading the media difficult or infeasible using state of the art laboratory techniques.
Destroy: A method of sanitation that renders target data recovery (using state-of-the-art laboratory techniques) infeasible and results in the subsequent inability to use the media for storage of data.
Disintegration: A physically Destructive method of sanitizing media; the act of separating into component parts.
Deduction: Crushing the circuit board and disk(s) fits the description of “destroy”. We sell our crushers to many government and health organizations which are subject to the strict guidelines of HIPAA.
HIPAA Disposal Requirements
The HIPAA Privacy Rule requires organizations to follow certain guidelines when disposing of computer hard drives containing ePHI (electronic Personal Health Information). In general, healthcare providers and covered entities must implement “reasonable” safeguards to the limit the exposure of ePHI all the way through destruction.
Electronic media that contains ePHI should be rendered “unusable and/or inaccessible”. One method is to “physically damage it [hard drive] beyond repair, making the data inaccessible”.
NSA: Meeting Recommendations
PLC has submitted our Crusher to be on the list of approved crushers on the NSA list. Though we fit the NSA requirements and definition for destruction, they have left us off the list for now only because we do not ship the crusher with a shroud. We understand they must be extra cautious on what is on their list, but we are happy we fit the requirements for destruction, and are pondering a shroud, though it is not needed. It is effective in device destruction.
The Gramm-Leach-Bliley (GLB) Act for Financial Institutions
Many financial institutions collect personal information from their customers, such as their names, addresses and phone numbers; bank and credit card account numbers; income and credit histories; and Social Security numbers. The Gramm-Leach-Bliley (GLB) Act requires financial institutions to ensure the security and confidentiality of this type of information.
As part of its implementation of the GLB Act, the Federal Trade Commission (FTC) has issued the Safeguards Rule. This Rule requires financial institutions under FTC jurisdiction to secure customer records and information, and to train employees to take basic steps to maintain the security, confidentiality and integrity of customer information.
Here are some suggestions on how to maintain security throughout the life cycle of customer information that is, from data entry to data disposal: Shred or recycle customer information recorded on paper and store it in a secure area until a recycling service picks it up; Erase all data when disposing of computers, diskettes, magnetic tapes, hard drives or any other electronic media that contain customer information; effectively destroy the hardware; and promptly dispose of outdated customer information.
ARGUMENTS FOR DESTRUCTION (Expound on these points in your next Security meeting!)
You may have several reasons for keeping a stockpile of old hard drives and backup tapes. Maybe procrastination has gotten the better of you. Perhaps you think you may need to access that expired data someday or you’re concerned about outsourcing the destruction of your media. Whatever your concerns, fear is no replacement for the facts, so here are five good reasons you should destroy your old data media.
1.Data Security
Old hard drives are a security liability. A single device can store hundreds of thousands of confidential data files, and electronic data can be compromised even when it’s out-of-date or the device it’s stored on is inoperable.
Deleting digital files from a device doesn’t completely obliterate the data. With the right tools and software, identity thieves and criminals bent on business fraud can still extract information from a hard drive. Physical destruction of your devices is the best way to lower your company’s data breach exposure.
2. Legal Compliance
Data breach consequences include fines and even criminal prosecution for failing to protect consumer information. Each of the following laws require organizations to safeguard personal, health and financial records from unauthorized access:
HIPAA
GLB
FACTA
Destroying your hard drives helps keep your business compliant with these privacy regulations.
3. Cost Savings
In addition to fines and other costs associated with a data breach, don’t overlook the cost of storing old backup media. Every square inch counts when you’re paying a premium for office space. Hoarding outdated computers and storage media means there’s less room for revenue-generating activities.
Some organizations may consider wiping data from the hard drives with special software, but paying for the employees to do that work, and setting up equipment to do so is expensive. The costs of wiping a hard drive (employee time, equipment and software), is actually more than the value of a new replacement device.
Incorporate regular hard drive destruction and recycling into your data security plan to maximize profitability.
4. Client Trust
You work hard to gain the trust of your customers and wouldn’t want to throw it away by compromising their data. Having your old hard drives securely destroyed helps ensure total information privacy for your customers and your business.
5. Brand and Reputation Protection
Besides creating a whirlwind of legal and financial problems for your business, stolen data can permanently damage your corporate brand and reputation. Some businesses never fully recover from a corporate data breach because of the punishing costs and destruction of the brand.
Media destruction keeps your information safe so consumers continue buy products and services from a company they know and respect. Don’t let excuses get in the way of protecting your information. Destroying your old hard drives makes too much sense.