Hard Disk Drive and Backup Tape Secure Shredding and Destruction
All hard disk drives are either data wiped to DoD standards using certified data erasure / wiping software, or shredded for your peace of mind using a shredding process which will shred your drives in to 6mm - 40mm fragments (depending on your data destruction and shredding security requirements). Therefore, none of your data is retrievable which eliminates any risk of your information ending up in the wrong hands. We supply a Certificate of Data Destruction for each hard disk drive destroyed, which our customers find a very cost effective service. We also supply a Certificate of Data Destruction for any other form of Storage Media which is destroyed using our secure shredding service.
SECURE DATA DESTRUCTION SERVICES
We offer a secure shredding service to the highest security levels for all types of storage media and drives including:-
Memory Sticks (USB)
Servers and Network Switches
Servers and Network Switches
Back Up Tapes
Video Tapes (VHS, Betamax)
Compact Discs (CDs / DVDs)
Protect your confidential and sensitive data and information, by shredding portable electronic media when it is no longer required.
Ensure you are compliant with the Data Protection Act, by preventing such items from getting into the hands of thieves and fraudsters who might use the information for the purpose of crime and identity theft.
Protect your business and avoid being fined up to £500,000 by the Information Commissioners Office, by having all your redundant electronic media shredded.
NHS TRUST RECEIVES LARGEST EVER DATA BREACH FINE
Brighton and Sussex University Hospitals NHS Trust fined £325k after hard drives with highly-sensitive patient data were sold on eBay, but will appeal.
An NHS Trust in Brighton has been served with the largest ever fine issued by the Information Commissioner, after hospital hard drives containing sensitive patient data were sold on eBay.
The hard drives contained medical records, home addresses and National Insurance numbers of "tens of thousands" of patients, the ICO said today, including children and patients treated by the Trust's HIV and Genito Urinary Medicine unit.
The ICO has issued a £325,000 penalty to the Trust, more than double its previous record fine. The Trust will appeal the ruling, saying it "simply cannot afford" it.
In 2010, the Trust's IT provider, the NHS-owned Sussex Health Informatics Service (HIS), was tasked with destroying 1,000 hard drives. One of its contractors recommended that a third party company destroyed the hard drives.
"Apparently, [the Trust] was not aware that HIS had engaged the individual to destroy the hard drives stored at the hospital," the ICO says in its summary of the case."
In December 2010, a data recovery company bought four of the hard drives on eBay, one of which contained a database the results of sexually transmitted disease tests of 67,842 patients. Another contained a database contained the names and addresses of 1,527 HIV positive patients.
The data recovery company alerted the Trust, which reported the incident to the ICO. At the time, it insisted that only the four hard drives were affected and that all others were secure, the ICO claims.
However, in April 2011, a student bought a number of hard drives on eBay that appeared to have belonged to the Trust. These drives again contained sensitive patient data.
The ICO says the individual sold at least 232 of the Trust's hard drives on eBay. Sussex Police says it arrested a 36-year old man on suspicion of theft, but there was insufficient evidence to charge him. "He was bailed several times before being NFA (no further action) on 17 July 2011," the police force said in a statement.
The Trust breached the Data Protection Act, the ICO says, because it "failed to choose a data processor providing sufficient guarantees" regarding information security.
The breach met the criteria for a fine because it was likely to cause "substantial distress" to data subjects, and because the Trust was aware of the risk of such a breach but failed to take the necessary precautions.
Duncan Selbie, CEO of Brighton and Sussex University Hospitals, says that Trust disputes the ICO's findings, "especially that we were reckless".
"We arranged for an experienced NHS IT service provider to safely dispose of our redundant hard drives and acted swiftly to recover, without exception, those that their sub-contractor placed on eBay. No sensitive data has therefore entered the public domain."
"In a time of austerity, we have to ensure more than ever that we deliver the best and safest care to our patients with the money that we have available," he added. "We simply cannot afford to pay a £325,000 fine and are therefore appealing to the Information Tribunal.”
Source: Information Age
COMPUTER HARD DRIVE SOLD ON EBAY HAD DETAILS OF TOP SECRET U.S. MISSILE DEFENCE SYSTEM
Highly sensitive details of a US military missile air defence system were found on a second-hand hard drive bought on eBay.
The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defence) ground to air missile defence system, used to shoot down Scud missiles in Iraq.
The disk also contained security policies, blueprints of facilities and personal information on employees including social security numbers, belonging to technology company Lockheed Martin - who designed and built the system.
British researchers found the data while studying more than 300 hard disks bought at computer auctions, computer fairs and eBay.
The experts also uncovered other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal id numbers, and job descriptions.