Secure Mobile Shredding and. Solutions

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Secure Mobile Shredding and. Solutions"

Transcription

1 Secure Mobile Shredding and Data Erasure Solutions

2 SECURE MOBILE SHREDDING & DATA ERASURE SERVICES... NCE s mobile shredding and data erasure service permanently destroys your data in a secure and controlled manner. With data being so highly sensitive in today s competitive world, this process can be undertaken safely and confidentially at your own premises. Using cutting edge data destruction technology, NCE utilise specially designed shredding units that are fit for purpose and can shred hard disk drives to 6mm particles conforming to the most stringent standards and mandates. Our purpose built vehicles have the most advanced and state of the art document shredders installed so any data erasure requirements, whether that be paper or IT can be accommodated. To further complement our onboard services is a purpose built mobile data erasure laboratory that will meet all data sanitisation requirements. This means we are able to shred, erase and securely dispose of all of your IT, confidential documents and recycling needs at customer site, removing the need to transport and increase security issues. The mobile units also operate 12 onboard CCTV cameras allowing our customers to watch remotely, if required. The vehicles are further secured with steel re-enforced sidings and locks to avoid any of the units being compromised or accessed by unauthorised personnel. A TRUSTED TEAM Our team of security cleared personnel are of the highest pedigree and professionalism to install trust and peace of mind when working with sensitive company information. With the backup of a management team with over 65 years experience, our solutions comply with the following mandates and standards: HMG Security Policy Framework HMG IA Standard No. 5 Secure Sanitisation BE EN 15713:2009 Secure destruction of confidential material - Code of practice JSP 440 Joint Services Publication Data Protection Act 1998 You can rest assured that you have the most compliant and comprehensive service available in the industry delivering first class services to the highest standards. T +44 (0) W 3

3 WHY YOU NEED OUR MOBILE SHREDDING SERVICES... All businesses understand the importance of protecting their data but surprisingly lots of them do not use Secure IT and document shredding specialists. Instead they use lower level services or in-house resources to help dispose of sensitive or confidential data. Many businesses are working towards becoming environmentally better on how they handle IT and paper waste, but despite these efforts the office environment will still create a large amount of waste which needs to be handled in-line with legal and environmental legislation. NCE s mobile solution manages all of this whilst being able to reassure you we are handling the shredding at your location in a controlled and secure manner. By using NCE s reliable and market leading shredding & data erasure service means that your business will be able to avoid data and identity theft. When using our shredding and data erasure specialists, it enables your in-house resource to focus on business as usual activities. WHAT WE CAN PROCESS Data erasure of the following units: Hard disk drives, USB pens, Mobile phones, laptops, desktops, Server HDD technology. Shredding the following devices: Files, folders, HDDs, USB pens, CD s, Mobile phones, Credit cards, ID cards, DLT tapes AVOID DATA & IDENTITY THEFT Disposing of your computers HDD s, CD s, USB pens and paperwork should not be treated lightly and all measures to safeguard your confidential data should be embraced. Identity theft is on the rise and NCE has invested heavily against this growing threat with our purpose built vehicles and compliancy of our solutions. Our shredding & data erasure specialists will call at your office as frequently or infrequently as required, collect all of your unwanted IT and waste paper and shred it there and then, fully backed with a compliance and completion certificate. HIGH THROUGHPUT Our mobile shredding solutions are designed to process high volumes of IT and paper per day. With the ability to process large quantities of data bearing devices or confidential files quickly and securely all from within the secure mobile unit further reduces the risk of information leaking. T +44 (0) W 5

4 Secure Mobile Hard disk shredding services... NCE s hard drive destruction and secure shredding service has been designed and developed to keep your information confidential and secure. Hard drive destruction and data erasure services is the only secure way to permanently destroy and decommission hard disks. Using cutting edge data destruction technology, NCE utilise shredding units that are fit for purpose and can shred to 6mm particulates conforming to the most stringent standards and mandates. Hard drive destruction and professional disposal is one of the most secure ways to safely destroy your data whatever your line of business. The growing threat of identity fraud means it is now more important than ever to either protect or securely destroy IT and dispose of as part of your organisations Data Handling Procedures. NCE can process large volumes of destruction of electronic information stored on hard drives securely and handled by a trusted, authorised, approved and respected supplier. Our team of Security Cleared personnel install trust and give you peace of mind that our solutions comply with the following mandates and standards. HMG Security Policy Framework HMG IA Standard No. 5 Secure Sanitisation JSP 440 Joint Services Publication Data Protection Act 1998 Strict industry standards and government regulations are in place that force organisations to mitigate the risk of unauthorized exposure of confidential corporate and government data. These regulations include HIPAA (Health Insurance Portability and Accountability Act); FACTA (The Fair and Accurate Credit Transactions Act of 2003); GLB (Gramm- Leach Bliley); Sarbanes-Oxley Act (SOX); and Payment Card Industry Data Security Standards (PCI DSS). Failure to comply can result in fines and damage to company reputation, as well as civil and criminal liability. By utilising NCE s secure shredding services you mitigate the risk completely as it is impossible to reconstruct and recover the data once a unit has been shredded by our team. Compliant: Our hard drive destruction solutions are compliant with the data privacy legislation when provisioned to destroy and dispose of your paper or electronic data. Each completed collection comes with a destruction certificate as part of our standard service. Should you require a more detailed report around storage references, NCE would be happy to provide if requested, photo images of devices/ boxes which can be included into the destruction certificate. As with all NCE Security services, our mobile team are all security cleared. Environmentally Responsible: As well as being a secure means of data destruction and data disposal NCE s hard drive destruction service also offers one of the most environmentally friendly hard drive disposal processes available. NCE holds all required permits for recycling e-waste and is compliant with WEEE regulations, holds a Waste Carrier License and is ISO 9001 and ISO accredited. How many can we process? Our vehicles will shred media and HDD s from 6mm upwards. Depending on the size of shred required will depend on how many units we are able to process per day. Please call our service desk to request a quotation on the quantity, size of shred and how long this task will take. T +44 (0) W 7

5 CONFIDENTIAL PAPER SHREDDING SOLUTIONS... NCE is one of the UK s leading onsite and offsite shredding service providers for confidential paper shredding. Our state of the art fleet of vehicles can process paper to security level 3 at customer site, all within the confines of our specialised vehicles. Our vehicles operate 12 CCTV cameras onboard so that the customer if they wish can connect via the web and watch the confidential documents being shredded without having to leave their desk. This service is available to our customers across the UK. The service complies with the UK Data Protection Act and complies with the BSEN15713:2009 security shredding standard. With our standard service, each collection comes with a destruction certificate for auditing purposes. Should you require a more detailed report around storage references, we would be pleased to provide this including photo images of devices/boxes which can be included into the destruction certificate. Our mobile team are all security cleared. Any UK organisation has a legal obligation to protect the confidential information it holds on its employees, customers and suppliers. If this is not managed correctly it can result in serious fines or even imprisonment. The Information Commissioner s Office (ICO) can now fine businesses up to 500,000 per incident if data loss occurs as all information is classed as confidential. The UK government is taking data protection very seriously and the penalties being applied highlights the importance of data security as a policy in its own right. Using an accredited supplier that can destroy confidential material in a secure environment will give you peace of mind that you re Company and associates are protected against ID Fraud. Our processes and operations are ISO90001 and ISO certified which just strengthens our solutions and procedures, reassuring our customers have chosen an expert in the field. All our vans are equipped with GPS tracking and CCTV cameras throughout, which provides constant monitoring of any destruction process undertaken. Having made such a significant investment to provide our customers with an unparalleled level of security and confidentially means we are taking shredding services to a new level in security and service solutions. NCE is able to provide its customers with secure storage containers that are perfect for an office environment yet allow the paper to be collected and transferred to our secure destruction vehicles where we will shred the paper, documents and files, then produce the relevant destruction certificates. NCE state of the art secure mobile vehicles can shred over 300Kg per hour. Whilst at the same time conforming to security level 3, ensuring we can process large volumes of confidential files and data at speed. T +44 (0) W 9

6 Mobile data erasure services... NCE has developed a unique and market leading mobile data erasure solution all from within our secure mobile recycling vehicles. We have designed a data erasure lab that has the ability to wipe any form of media from HDD, Mobile phones, laptops, desktops, Server infrastructure to USB media. This is all done via our chosen data erasure solution software tool, Blancco. Blancco accreditations in this field are unmatched and is a fully certified and approved data erasure tool of choice in the market place today and enables our customers to rest assured we are handling their data erasure needs with the upmost confidence and control. Each unit wiped will have a unique certificate produced showing that the unit has passed the data erasure process. This will contain asset and serial number information allowing the customer to show the complete process end to end for auditing and legal requirements. The Mobile data erasure lab has 12 CCTV cameras installed allowing our customers to monitor the progress and ensure the activity is being completed in-line with their expectations. The secure unit allows NCE to replicate the same controlled data erasure processes and environment we have at our IT recycling facility at the customer s site, whilst allowing the customer to carry on with their day to day activity without any disruption to the working environment. The vehicle is completely self-sufficient and has two generators installed allowing us to carry out the activity in the remotest locations with resilience. If any device fails the data erasure process we are able within the same vehicle to shred or degauss the item within the same controlled environment. We are able to shred any unit down to 6mm fractions which conforms to all HMG and MOD requirements for shredding which just reinforces our solution is a one stop shop for all your data erasure and shredding requirements T +44 (0) W

7 Secure Containers for all your storage needs... As part of our mobile solutions, NCE understands it s customer requirements for onsite security and storage facilities. So, we have invested and developed, a range of solutions to enable our customers to securely store IT equipment at site prior to removal and processing on our mobile recycling vehicles. This is completed in three simple steps to make the whole experience easy to use... Choose the type of SecureOfficeBox that meets your IT disposal needs and we will ship them to you anywhere in the UK. You fill the SecureOfficeBox with the items you no longer require. Contact our service desk via or phone and we will arrange for our secure mobile vehicle to come to site and shred or erasure the equipment and documentation you have located in the containers. Once this has been completed you will receive: A certificate of destruction for the contents of the IT disposal box that we have processed. A data disposal certificate if we have data erased any hard disk drives or other data bearing devices A full asset report of all of the items that we processed through the disposal service T +44 (0) W

8 WHY CHOOSE... We are market leaders in mobile recycling services and have invested in a unique solution that has been designed to cater for every requirement that can occur within the IT recycling service request. We are able to manage and control any request effectively, securely and comply with all legal and environmental legislation. Our solution is the first of its kind that offers HDD, paper and data erasure services all within a secure, mobile, and self-sufficient recycling vehicle. It has been designed by a management team that has over 45 years experience with the IT recycling industry and a team that believe in service excellence and putting the customer s needs first. from within the same state of the art recycling vehicle. Shredding HDD s to 6mm is often talked about but having the ability to deliver this service from within our mobile vehicle and also data erasure services is unique and market leading. Our team of security cleared staff are focused on the needs of our customers and with a team that has overseen the disposal and reuse of over 3 million devices during their career history you can rest assured they will do all they can to ensure the customers experience is the most professional they have ever received. NCE s mobile shredding service is a completely unique solution that covers three core areas of IT and paper recycling, all 4 15 T +44 (0) W

9 NCE Computer Group (Europe) Ltd. 6 Stanier Road, Calne, Wiltshire, SN11 9PX. United Kingdom telephone +44 (0)

OUR SERVICES... SUPPLY CHAIN SERVICES ONSITE SERVICES IT RECYCLING SERVICES

OUR SERVICES... SUPPLY CHAIN SERVICES ONSITE SERVICES IT RECYCLING SERVICES SERVICES OVERVIEW OUR SERVICES... ONSITE SERVICES Onsite Shredding Services Onsite Data Erasure Services Onsite Document Destruction Services Onsite Hard Drive Destruction Services Data Centre Decommissioning

More information

Safe, Secure and Certified Data Destruction Solutions to meet your individual needs

Safe, Secure and Certified Data Destruction Solutions to meet your individual needs Safe, Secure and Certified Data Destruction Solutions to meet your individual needs Whether you require data destruction supplementary or exclusively to our IT disposal solution, our fully security screened

More information

Asset Management Ireland (AMI) The secure IT Asset Disposal Company that generates revenue for your business

Asset Management Ireland (AMI) The secure IT Asset Disposal Company that generates revenue for your business Asset Management Ireland (AMI) The secure IT Asset Disposal Company that generates revenue for your business Allow AMI to unlock the value in your redundant IT equipment by extending the lifecycle of your

More information

CCTM IA CLAIMS DOCUMENT (ICD) Data Eliminate Ltd

CCTM IA CLAIMS DOCUMENT (ICD) Data Eliminate Ltd CCTM IA CLAIMS DOCUMENT (ICD) Data Eliminate Ltd DESTRUCTION OF DATA ON HARD DRIVES, COMPUTER STORAGE MEDIA AND HANDHELD DEVICES INCORPORATING WEEE RECYCLING MANAGEMENT Version 1 VENDOR DETAILS Data Eliminate

More information

document destruction Our passion.

document destruction Our passion. document destruction Your office. Our passion. safeguard Our secure destruction service meets all the necessary compliances and helps to support ISO 9001, ISO 14001 and CSR objectives as well as improving

More information

Secure Storage, Disposal and Destruction of Electronic Equipment and Media Policy

Secure Storage, Disposal and Destruction of Electronic Equipment and Media Policy Secure Storage, Disposal and Destruction of Electronic Equipment and Media Policy Page 1 of 8 Secure Storage, Disposal and Destruction of Electronic Equipment and Media Policy EXECUTIVE SUMMARY Key Messages

More information

T: 01 88 45 999 www.cyclonearchive.ie. Records Management Made Simple.

T: 01 88 45 999 www.cyclonearchive.ie. Records Management Made Simple. Records Management Made Simple. Document Storage Cyclone offers customers a complete end -to-end service including box collection, bar code tracking, document retrieval, delivery, and status reporting.

More information

Shredding. Security. Recycling

Shredding. Security. Recycling Shredding Security Recycling WHO WE ARE PHS Datashred has the knowledge, capability and experience to ensure the safe and secure disposal of your confidential material. Trusted by over a third of FTSE

More information

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10) MIT s Information Security Program for Protecting Personal Information Requiring Notification (Revision date: 2/26/10) Table of Contents 1. Program Summary... 3 2. Definitions... 4 2.1 Identity Theft...

More information

IT ASSET DISPOSAL ISO 27001. ISO 14001 Registered Environmental Management. ISO 9001 Registered Quality Management

IT ASSET DISPOSAL ISO 27001. ISO 14001 Registered Environmental Management. ISO 9001 Registered Quality Management ISO 27001 IT ASSET DISPOSAL ISO 14001 Registered Environmental Management Registered Information Security Management ISO 9001 Registered Quality Management CONTENTS PAGE 04 WHO ARE STONE? PAGE 05 IT ASSET

More information

Fujitsu Asset Lifecycle Management Services

Fujitsu Asset Lifecycle Management Services Fujitsu Asset Lifecycle Management Services Reshaping ICT, Reshaping Business Contents 1.1 Introduction 3 1.2 Our approach 4 1.2.1 Fujitsu differentiators 5 1.3 Capability 6 1.3.1 Compliance 6 1.3.2 Tools

More information

SCANNING STORAGE SHREDDING WORKFLOW IT RECYCLING. www.phsdatasolutions.co.uk. www.phsdatasolutions.co.uk

SCANNING STORAGE SHREDDING WORKFLOW IT RECYCLING. www.phsdatasolutions.co.uk. www.phsdatasolutions.co.uk SCANNING STORAGE SHREDDING WORKFLOW IT RECYCLING DATA SCANNING Data is the lifeblood of many businesses and organisations, access to which is imperative to its productivity and its success. Organising

More information

www.neelb.org.uk Web Site Download Carol Johnston

www.neelb.org.uk Web Site Download Carol Johnston What I need to know about data protection and information security when purchasing a service that requires access to my information by a third party. www.neelb.org.uk Web Site Download Carol Johnston Corporate

More information

University of Liverpool

University of Liverpool University of Liverpool IT Asset Disposal Policy Reference Number Title CSD 015 IT Asset Disposal Policy Version Number v1.2 Document Status Document Classification Active Open Effective Date 22 May 2014

More information

That s why outsourcing using a Qualified Contractor is the best solution to the problem of assuring a compliant hard drive destruction audit trail.

That s why outsourcing using a Qualified Contractor is the best solution to the problem of assuring a compliant hard drive destruction audit trail. Why Zak Enterprises? Information contained on the hard drives of retired computers must be destroyed properly. Failure to do so can result in criminal penalties including fines and prison terms up to 20

More information

Form #57, Revision #4 Date 7/15/2015 Data Destruction and Sanitation Program. Mobile (ON-SITE) Data Destruction/Shredding Services

Form #57, Revision #4 Date 7/15/2015 Data Destruction and Sanitation Program. Mobile (ON-SITE) Data Destruction/Shredding Services Data Destruction and Sanitation Program Mobile (ON-SITE) Data Destruction/Shredding Services 1 Diversified Recycling utilizes state of the art equipment for their data destruction and eradication services.

More information

No More Disks. No More Data. No More Doubt. Goodbye Disks. Goodbye Doubt.

No More Disks. No More Data. No More Doubt. Goodbye Disks. Goodbye Doubt. No More Disks. No More Data. No More Doubt. Goodbye Disks. Goodbye Doubt. Data disposal can be a tricky path to navigate. You re looking for an answer, but there aren t many that are 100% reliable, can

More information

So the security measures you put in place should seek to ensure that:

So the security measures you put in place should seek to ensure that: Guidelines This guideline offers an overview of what the Data Protection Act requires in terms of information security and aims to help you decide how to manage the security of the personal data you hold.

More information

MEDIA AND IT ASSET DISPOSITION: YOUR GUIDE TO SELECTING A SUPPLIER

MEDIA AND IT ASSET DISPOSITION: YOUR GUIDE TO SELECTING A SUPPLIER MEDIA AND IT ASSET DISPOSITION: YOUR GUIDE TO SELECTING A SUPPLIER EXECUTIVE SUMMARY The combination of an increasingly mobile workforce and rapid technology innovation means organisations must work harder

More information

INTRODUCTION. For technical guidance on SIM access, your local C2k support manager.

INTRODUCTION. For technical guidance on SIM access, your local C2k support manager. INTRODUCTION Data Protection and Information Security Guidance Schools collect and process personal information to deliver educational services. The school is the Data Controller as it determines the purpose

More information

Information retention and disposal guide. Date: 31 October 2014 Version: 2.0

Information retention and disposal guide. Date: 31 October 2014 Version: 2.0 Information retention and disposal guide Date: 31 October 2014 Version: 2.0 Contents 01. Guidelines The data challenge 5 Compliance what is it and why is it important? 6 The compliant data journey 7 Case

More information

This factsheet is for: Senior management of small firms that handle, store or dispose of customers personal data in the course of their business.

This factsheet is for: Senior management of small firms that handle, store or dispose of customers personal data in the course of their business. FSA factsheet for All firms This factsheet is for: Senior management of small firms that handle, store or dispose of customers personal data in the course of their business. It explains: What you should

More information

Islington ICT Physical Security of Information Policy A council-wide information technology policy. Version 0.7 June 2014

Islington ICT Physical Security of Information Policy A council-wide information technology policy. Version 0.7 June 2014 Islington ICT Physical Security of Information Policy A council-wide information technology policy Version 0.7 June 2014 Copyright Notification Copyright London Borough of Islington 2014 This document

More information

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4

More information

Disposal & Destruction of Sensitive Data

Disposal & Destruction of Sensitive Data Disposal & Destruction of Sensitive Data Contents 1 Overview of Data Media Types 1.1 Non-Volatile Magnetic: Hard Disk Drives 1.2 Write Once Optical: CDROM and DVD- 1.3 Write Many Optical: CD-RW and DVD-RW

More information

Risk Management Authority

Risk Management Authority Risk Management Authority Records Management Plan RMA Records Management Plan 0 Contents Page 1. Introduction 2 1.1 Background 2 1.2 Records Management in the RMA 3 1.3 Records covered by this Plan 3 1.4

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

Data Security and Extranet

Data Security and Extranet Data Security and Extranet Derek Crabtree Schools ICT Support Manager derek.crabtree@merton.gov.uk Target Operating Model 2011 Merton Audit Organisation name: London Borough of Merton Periodic plan date:

More information

IT Infrastructure Security Policy. Policy and Guidance

IT Infrastructure Security Policy. Policy and Guidance IT Infrastructure Security Policy Policy and Guidance June 2013 Project Name Product Title IT Infrastructure Security Policy Policy and Guidance Version Number 1.2 Final Document Control Organisation Mendip

More information

Information Security Policy

Information Security Policy Central Bedfordshire Council www.centralbedfordshire.gov.uk Information Security Policy January 2016 Security Classification: Not Protected 1 Approval History Version No Approved by Approval Date Comments

More information

CD ROM, Inc. 2014 Commercial Catalog. Destruction and Recycling Services

CD ROM, Inc. 2014 Commercial Catalog. Destruction and Recycling Services Destruction and Recycling Services An ISO 9002-compliant company Audited 100% data destruction and green recycling 2014 Commercial Catalog Edition 2014 www.cdrominc.com CD Rom, Inc. Table of Contents About

More information

Policy Document. IT Infrastructure Security Policy

Policy Document. IT Infrastructure Security Policy Policy Document IT Infrastructure Security Policy [23/08/2011] Page 1 of 10 Document Control Organisation Redditch Borough Council Title IT Infrastructure Security Policy Author Mark Hanwell Filename IT

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

Protecting Data in Decommissioned IT Assets: Factors, Tools and Methods

Protecting Data in Decommissioned IT Assets: Factors, Tools and Methods SECURIS SM Protecting Data in Decommissioned IT Assets: Factors, Tools and Methods Information Systems Security Association (ISSA) Baltimore Chapter Monthly Meeting January 27, 2016 Hugh McLaurin, CSDS

More information

IT Trading UK Ltd Computer & IT Equipment Disposal Specialists

IT Trading UK Ltd Computer & IT Equipment Disposal Specialists IT Trading UK Ltd Computer & IT Equipment Disposal Specialists Unit 4A Scott's Close, Downton Business Centre, Downton, Salisbury, Wiltshire, SP5 3RA Tel: 01725 513403 Fax: 01725 513714 Email: info@it-trading.co.uk

More information

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues Doing Business in Oregon Under the Oregon Consumer Identity Theft Protection Act and Related Privacy Risks Privacy Data Loss www.breachblog.com Presented by: Mike Porter March 10, 2009 2 Privacy Data Loss

More information

Information & ICT Security Policy Framework

Information & ICT Security Policy Framework Information & ICT Security Framework Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT & Regulation Group and IMG January

More information

DATA SECURITY POLICY. Data Security Policy

DATA SECURITY POLICY. Data Security Policy Data Security Policy Contents 1. Introduction 3 2. Purpose 4 3. Data Protection 4 4. Customer Authentication 4 5. Physical Security 5 6. Access Control 6 7. Network Security 6 8. Software Security 7 9.

More information

Data Access Request Service

Data Access Request Service Data Access Request Service Guidance Notes on Security Version: 3.6 Date: 12/11/2015 1 Copyright 2015, Health and Social Care Information Centre. Introduction This security guidance is for organisations

More information

Data Access Request Service

Data Access Request Service Data Access Request Service Guidance Notes on Security Version: 4.0 Date: 01/04/2015 1 Copyright 2014, Health and Social Care Information Centre. Introduction This security guidance is for organisations

More information

INFORMATION TECHNOLOGY EQUIPMENT PROCUREMENT AND DISPOSAL POLICY

INFORMATION TECHNOLOGY EQUIPMENT PROCUREMENT AND DISPOSAL POLICY INFORMATION TECHNOLOGY EQUIPMENT PROCUREMENT AND DISPOSAL POLICY Version: 1.4 Ratified by: Date Ratified: 14 October 2014 Name of Originator/Author: Name of Responsible Committee/Individual: Date issued:

More information

Records Management Plan. April 2015

Records Management Plan. April 2015 Records Management Plan April 2015 Prepared in accordance with the Public Records (Scotland) Act 2011 and submitted to the Keeper of the Records of Scotland for their agreement on 28 April 2015 (Revised

More information

Grasmere Primary School Asset Management Policy

Grasmere Primary School Asset Management Policy Grasmere Primary School Asset Management Policy 1. INTRODUCTION: 1.1.1 The Governing Body of Grasmere Primary School is responsible for the proper management and security of the school premises and the

More information

Managing and Automating Data Erasure for Mobile Devices: STRATEGIES FOR RECYCLERS AND IT ASSET DISPOSAL SPECIALISTS

Managing and Automating Data Erasure for Mobile Devices: STRATEGIES FOR RECYCLERS AND IT ASSET DISPOSAL SPECIALISTS Managing and Automating Data Erasure for Mobile Devices: STRATEGIES FOR RECYCLERS AND IT ASSET DISPOSAL SPECIALISTS Blancco White Paper Published 14 February 2013 Introduction Advanced mobile devices like

More information

SOA ISO Statement of Applicability

SOA ISO Statement of Applicability SOA ISO 27001 2005 Statement of Applicability A.5 Security A.5.1 Information Security A.5.1.1 A.5.1.2 Information security policy document Review of the information security policy A.6 Organisation of

More information

www.williamsdatamanagement.com 323-234-3453

www.williamsdatamanagement.com 323-234-3453 www.williamsdatamanagement.com 323-234-3453 RECORDS MANAGEMENT Since 1922, Williams has provided its clients world class services and technologies ensuring the safety, security, and protection of their

More information

Data Security Policy. 1. Document Status. Version 1.0. Approval. Review By June 2011. Secure Research Database Analyst. Change History. 1 Version 1.

Data Security Policy. 1. Document Status. Version 1.0. Approval. Review By June 2011. Secure Research Database Analyst. Change History. 1 Version 1. Data Security Policy 1. Document Status Security Classification Level 4 - PUBLIC Version 1.0 Status DRAFT Approval Life 3 Years Review By June 2011 Owner Secure Research Database Analyst Change History

More information

Written Information Security Plan (WISP) for. HR Knowledge, Inc. This document has been approved for general distribution.

Written Information Security Plan (WISP) for. HR Knowledge, Inc. This document has been approved for general distribution. Written Information Security Plan (WISP) for HR Knowledge, Inc. This document has been approved for general distribution. Last modified January 01, 2014 Written Information Security Policy (WISP) for HR

More information

IT asset disposal for organisations

IT asset disposal for organisations ICO lo Data Protection Act Contents Introduction... 1 Overview... 2 What the DPA says... 3 Create an asset disposal strategy... 3 How will devices be disposed of when no longer needed?... 3 Conduct a risk

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

NewYork-Presbyterian Hospital Sites: All Centers Hospital Policies and Procedures Manual Policy Number: I240 Page 1 of 9

NewYork-Presbyterian Hospital Sites: All Centers Hospital Policies and Procedures Manual Policy Number: I240 Page 1 of 9 Page 1 of 9 TITLE: INFORMATION SECURITY: DEVICE AND MEDIA CONTROLS POLICY: Reasonable steps are taken to protect, account for, properly store, back up, encrypt and dispose of hardware, paper and electronic

More information

Protection of Computer Data and Software

Protection of Computer Data and Software April 2011 Country of Origin: United Kingdom Protection of Computer Data and Software Introduction... 1 Responsibilities...2 User Control... 2 Storage of Data and Software... 3 Printed Data... 4 Personal

More information

Guidance on Personal Data Erasure and Anonymisation 1

Guidance on Personal Data Erasure and Anonymisation 1 Guidance on Personal Data Erasure and Anonymisation Introduction Data users engaged in the collection, holding, processing or use of personal data must carefully consider how to erase such personal data

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY ISO 27002 5.1 Author: Owner: Organisation: Chris Stone Ruskwig TruePersona Ltd Document No: SP- 5.1 Version No: 1.0 Date: 10 th January 2010 Copyright

More information

your risks Find out more about our affordable, secure shredding and recycling service.

your risks Find out more about our affordable, secure shredding and recycling service. your risks Find out more about our affordable, secure shredding and recycling service. Veolia Environmental Services understood our needs and recommended an affordable solution for securing and recycling

More information

Rotherham CCG Network Security Policy V2.0

Rotherham CCG Network Security Policy V2.0 Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October

More information

Bedford County Tennessee

Bedford County Tennessee Bedford County Tennessee Digital Media and Hardware Disposal Policy Date: 08.31.11 Approved By: Chris White Policy Number: 1 P age 1.0 INTRODUCTION 3 1.1 Authority. 3 1.2 Purpose.. 3 1.3 Scope 3 1.4 Background.

More information

Identity Theft Security and Compliance: Issues for Business

Identity Theft Security and Compliance: Issues for Business Identity Theft Security and Compliance: Issues for Business The Facts Six Common Uses for Stolen Information Financial Criminal Medical DMV Social Security Terrorist The Facts A Chronology of Data Breaches

More information

LSE PCI-DSS Cardholder Data Environments Information Security Policy

LSE PCI-DSS Cardholder Data Environments Information Security Policy LSE PCI-DSS Cardholder Data Environments Information Security Policy Written By: Jethro Perkins, Information Security Manager Reviewed By: Ali Lindsley, PCI-DSS Project Manager Endorsed By: PCI DSS project

More information

ACE Advantage PRIVACY & NETWORK SECURITY

ACE Advantage PRIVACY & NETWORK SECURITY ACE Advantage PRIVACY & NETWORK SECURITY SUPPLEMENTAL APPLICATION COMPLETE THIS APPLICATION ONLY IF REQUESTING COVERAGE FOR PRIVACY LIABILITY AND/OR NETWORK SECURITY LIABILITY COVERAGE. Please submit with

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY Rev Date Purpose of Issue/ Description of Change Equality Impact Assessment Completed 1. June 2011 Initial Issue 2. 29 th March 2012 Second Version 3. 15 th April 2013 Third

More information

Keeping watch over your best business interests.

Keeping watch over your best business interests. Keeping watch over your best business interests. 0101010 1010101 0101010 1010101 IT Security Services Regulatory Compliance Services IT Audit Services Forensic Services Risk Management Services Attestation

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

More information

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information

More information

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant 1 HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant Introduction U.S. healthcare laws intended to protect patient information (Protected Health Information or PHI) and the myriad

More information

Policy for the Re-use and Disposal of Computers, other IT Equipment and Data Storage Media

Policy for the Re-use and Disposal of Computers, other IT Equipment and Data Storage Media Policy for the Re-use and Disposal of Computers, other IT Equipment and Data Storage Media The University has legal obligations to ensure that all computers, IT equipment, and data storage media (e.g.

More information

Data and Information Security Policy

Data and Information Security Policy St. Giles School Inspire and achieve through creativity School Policy for: Date: February 2014 Data and Information Security Policy Legislation: Policy lead(s) The Data Protection Act 1998 (with consideration

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Policy Statement Whyte & Co. is committed to ensuring that it fully complies with all its legal obligations under the Data Protection Acts of 1998 and 2003. The company processes

More information

TELEFÓNICA UK LTD. Introduction to Security Policy

TELEFÓNICA UK LTD. Introduction to Security Policy TELEFÓNICA UK LTD Introduction to Security Policy Page 1 of 7 CHANGE HISTORY Version No Date Details Authors/Editor 7.0 1/11/14 Annual review including change control added. Julian Jeffery 8.0 1/11/15

More information

HSCIC Audit of Data Sharing Activities:

HSCIC Audit of Data Sharing Activities: Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 21/09/2015 HSCIC Audit of Data Sharing

More information

SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open

SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this material may

More information

Improving Business for SMEs with Online Backup Improving Business for SMEs with Online Backup

Improving Business for SMEs with Online Backup Improving Business for SMEs with Online Backup Improving Business for SMEs with Online Backup www.cloudsecure.co.uk/cloudsecure 1 Accountants and Solicitors Firms Professional organisations such as accountancy and solicitors firms have an ever increasing

More information

IT Data Security Policy

IT Data Security Policy IT Data Security Policy Contents 1. Purpose...2 2. Scope...2 3. Policy...2 Access to the University computer network... 3 Security of computer network... 3 Data backup... 3 Secure destruction of data...

More information

Destruction and Disposal of Sensitive Data

Destruction and Disposal of Sensitive Data Destruction and Disposal of Sensitive Data Good Practice Guidelines Version: 3.0 Date: March 2015 1 Copyright 2015, Health and Social Care Information Centre. Contents 1. Introduction 3 1.2 Aims and Objectives

More information

A Guide to Minimizing the Risk of IT Asset Disposition

A Guide to Minimizing the Risk of IT Asset Disposition A Guide to Minimizing the Risk of IT Asset Disposition Who is concerned about risk? They may not think about it terms of risk, but almost everyone at your organization is worried about the chinks in its

More information

developing your potential Cyber Security Training

developing your potential Cyber Security Training developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company

More information

Human Resources Policy documents. Data Protection Policy

Human Resources Policy documents. Data Protection Policy Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and

More information

Credit and Debit Card Handling Policy Updated October 1, 2014

Credit and Debit Card Handling Policy Updated October 1, 2014 Credit and Debit Card Handling Policy Updated October 1, 2014 City of Parkville 8880 Clark Ave. Parkville, MO 64152 Hours: 8:00-5:00 p.m. Monday -Friday Phone Number 816-741-7676 Email: cityhall@parkvillemo.gov

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security Contents Why you need to know about cyber security... 3 Understanding the risks to your business... 4 How you can manage the risks... 5 Planning

More information

43: DATA SECURITY POLICY

43: DATA SECURITY POLICY 43: DATA SECURITY POLICY DATE OF POLICY: FEBRUARY 2013 STAFF RESPONSIBLE: HEAD/DEPUTY HEAD STATUS: STATUTORY LEGISLATION: THE DATA PROTECTION ACT 1998 REVIEWED BY GOVERNING BODY: FEBRUARY 2013 EDITED:

More information

ISO27001 Controls and Objectives

ISO27001 Controls and Objectives Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the

More information

SECURITY POLICY REMOTE WORKING

SECURITY POLICY REMOTE WORKING ROYAL BOROUGH OF WINDSOR AND MAIDENHEAD SECURITY POLICY REMOTE WORKING Introduction This policy defines the security rules and responsibilities that apply when doing Council work outside of Council offices

More information

Accounting and Administrative Manual Section 100: Accounting and Finance

Accounting and Administrative Manual Section 100: Accounting and Finance No.: C-13 Page: 1 of 6 POLICY: It is the policy of the University of Alaska that all payment card transactions are to be executed in compliance with standards established by the Payment Card Industry Security

More information

ENVIRONMENTAL POLICY STATEMENT

ENVIRONMENTAL POLICY STATEMENT ENVIRONMENTAL POLICY STATEMENT COMPANY NAME ADDRESS COMPANY ACTIVITIES TRACKYOU LTD BLACKWOOD BUSINESS PARK, ASH ROAD SOUTH, WREXHAM, LL13 9UG Telematics Provider of Vehicle Tracking Units to Local Authorities

More information

HSCIC Audit of Data Sharing Activities:

HSCIC Audit of Data Sharing Activities: Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 26/10/2015 HSCIC Audit of Data Sharing

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information

ESET Secure Authentication

ESET Secure Authentication ESET Secure Authentication Second factor authentication and compliance Document Version 1.2 6 November, 2013 www.eset.com ESET Secure Authentication - second factor authentication and compliance 2 2 Summary

More information

COMMERCIAL WASTE SERVICES. sharing responsibility

COMMERCIAL WASTE SERVICES. sharing responsibility COMMERCIAL WASTE SERVICES sharing responsibility commercial waste management Keeping our customers informed Realising the value of waste Veolia Environmental Services is an international, market-leading

More information

BEST PRACTICES FOR COMMERCIAL COMPLIANCE

BEST PRACTICES FOR COMMERCIAL COMPLIANCE BEST PRACTICES FOR COMMERCIAL COMPLIANCE [ BEST PRACTICES FOR COMMERCIAL COMPLIANCE ] 2 Contents OVERVIEW... 3 Health Insurance Portability and Accountability Act (HIPAA) of 1996... 4 Sarbanes-Oxley Act

More information

Best Practices for Responsible Disposal of Tape Media

Best Practices for Responsible Disposal of Tape Media Best Practices for Responsible Disposal of Tape Media The Environmental and Economic Benefits of Recycling vs. Destruction White Paper The Data Media Source San Jose, CA Data Media Source 2006 For use

More information

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

University of Sunderland Business Assurance Information Security Policy

University of Sunderland Business Assurance Information Security Policy University of Sunderland Business Assurance Information Security Policy Document Classification: Public Policy Reference Central Register Policy Reference Faculty / Service IG 003 Policy Owner Assistant

More information

HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY

HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY Illinois Department of Healthcare and Family Services Training Outline: Training Goals What is the HIPAA Security Rule? What is the HFS Identity

More information

UNCLASSIFIED CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION. Version 1.0. Crown Copyright 2012 All Rights Reserved.

UNCLASSIFIED CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION. Version 1.0. Crown Copyright 2012 All Rights Reserved. CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION Version 1.0 Crown Copyright 2012 All Rights Reserved Page 1 Document History Version Date Description 0.1 June 2012 Initial Draft Version 1.0 July

More information

University of Liverpool

University of Liverpool University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October

More information

Managed Hosting & Datacentre PCI DSS v2.0 Obligations

Managed Hosting & Datacentre PCI DSS v2.0 Obligations Any physical access to devices or data held in an Melbourne datacentre that houses a customer s cardholder data must be controlled and restricted only to approved individuals. PCI DSS Requirements Version

More information

Understanding Data Destruction and How to Properly Protect Your Business

Understanding Data Destruction and How to Properly Protect Your Business Understanding Data Destruction and How to Properly Protect Your Business Understanding Data Destruction and How to Properly Protect Your Business I. Abstract This document is designed to provide a practical

More information