Home > Articles > Home & Office Computing > eBay/Yahoo/Google

Jurassic Hard Drive Shredders Munch Regulatory, Legal Problems

  • Print
  • + Share This
It's a jungle out there, with old hard drives growing legs and scampering off through the trees to spread information outside your walls. But a new breed of metal-munching and drive-slashing monsters has been created to chew up your problems and cut the data leaks for as little as twelve cents a pound, and they are awesome.
Like this article? We recommend

End-of-Movie Nightmare? Just the Beginning Today

Remember the ending of Deliverance, when the dreamer saw the murdered man's hand thrust through the placid water, revealing a crime that was supposed to have remained hidden under the still, forgetful lake? An enterprise hard drive is full of many such visions: not evidence of crimes, but chilling moments for the company official who learns—or simply worries—that confidential or proprietary information was not destroyed with a hard drive sent to auction, donated to charity, packed home with an employee, sent to a recycling center, or tossed in the trash.

It's not just the old drive that housed the SQL server that you need to worry about: Workstation drives can contain passwords, automatic logins, proprietary work, and enough personal information to compromise an employee's security, or stupid remarks that could embarrass the company or invite a lawsuit.

Shove past the potentially damaged—or damaging—employee, and Uncle Sam is looking out for employees (well, mostly clients) with this alphabet game:

  • . The Fair and Accurate Credit Transactions Act of 2003 has rules about timely and proper disposal of consumer information for anyone who collects it. (Want more details? Visit this page or this one.)

  • GLB or GLBA. The Gramm-Leach-Bliley Act (also known as the Financial Services Modernization Act of 1999) applies to all financial institutions. (More details here.)

  • HIPAA. The Health Insurance Portability and Accountability Act of 1966 applies to any entity that transmits protected health information (PHI) in electronic form.

But you know about data risks. And you know that drilling holes in hard drives leaves lots of data to mine between them—and how lame software wiping is. You can try to follow the Department of Defense's DoD 5220.22-M standard for overwriting hard drives with due diligence, but:

  • Who has the time?

  • You know they keep trying to reconstruct the missing minutes on those Nixon tapes.

  • What about the drives you can no longer mount?

If you're really good, you probably take the drives apart and pass over each platter with a super magnet (the kind that could pick up your car), and then bend each platter until it breaks. Completely severing the tracks is key to destroying the data. But who has the time—or strength—for that?

  • + Share This
  • 🔖 Save To Your Account