Hard Drive Destruction & ITAD
Portis, Inc. focus is to provide regulatory compliant Hard Drive Destruction Services compliant with government and industry standard requirements including:
- DOD Up to Secret Classification
- GDPR (General Data Protection Regulation)
- GLBA (Gramm-Leach-Bliley Act)
- HIPAA (Health Information Portability and Accountability Act)
- NIST SP 800-88r1
- NSA/CSS SDDM 9-12
- PCI DSS 3.2 (Payment Card Industry Data Security
Standard) - PIPEDA (Personal Information Protection and Electronic
Compliant Documents Act)
In addition to properly destroying decommissioned hard drives, we offer ITAD and Smart Phone Data Destruction Services.
Today’s Action Plan
Prevent a data breach when disposing of hard drives and equipment with hard drives such as computers, laptops, desktops, servers, laser printers, etc. Government and industry standards require complete erasure of sensitive data prior to ITAD services.
Portis, Inc. provides evidence of compliant hard drive destruction. The Certificate of Destruction provided is documentation of due diligence to appropriately destroy the following that is recorded on hard drives:
- Proprietary Information (PI)
- Also known as a trade secret, is information a company wishes to keep confidential. Proprietary information can include secret formulas, processes, and methods used in production. It can also include a company’s business and marketing plans, salary structure, customer lists, contracts, and details of its computer systems. In some cases, the special knowledge and skills that an employee has learned on the job are considered to be a company’s proprietary information.
- Personal Identifying Information (PII)
- Most companies keep sensitive personal information in their files—names, Social Security numbers, credit card, or other account data—that identifies customers or employees. This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft, or similar harms. Given the cost of a security breach—losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is just plain good business.
- Protected Health Information (PHI) / Electronic Protected Health Information (e-PHI)
- The HIPAA Privacy Rule protects most “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper, or oral. The Privacy Rule calls this information protected health information (PHI)2. Protected health information is information, including demographic information, which relates to:
- the individual’s past, present, or future physical or mental health or condition,
- the provision of health care to the individual, or
- the past, present, or future payment for the provision of health care to the individual, and that identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual. Protected health information includes many common identifiers (e.g., name, address, birth date, Social Security Number) when they can be associated with the health information listed above.
- The HIPAA Privacy Rule protects most “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper, or oral. The Privacy Rule calls this information protected health information (PHI)2. Protected health information is information, including demographic information, which relates to:
Our focus is on properly destroying decommissioned hard drives. We provide regulatory compliant Hard Drive Destruction & ITAD Services.