Certified Secure Data Destruction

NAID AAA means that a company has been verified by the National Association of Information Destruction (NAID) to meet strict standards for information destruction. NAID certification is a voluntary program administered by i-SIGMA that verifies secure information destruction practices through rigorous scheduled and unannounced audits, helping organizations protect sensitive data and avoid security breaches, fraud, and compliance penalties.

ISO 9001 is an international standard that defines the requirements for implementing and maintaining a quality management system (QMS), helping organizations improve their performance and meet customer expectations.

ISO 14001 is a set of standards that helps organizations reduce their environmental impact by establishing an effective environmental management system (EMS).

ISO 45001 is the international standard for occupational health and safety management systems that helps organizations improve workplace safety and reduce risks. Organizations use it to demonstrate legal compliance, reduce incidents and absenteeism, while improving productivity, insurance costs, and employee morale.

M360 is a mobile diagnostics and utility software that is certified by ADISA as a reliable software for data erasure. This certification ensures that M360 can securely and permanently erase data.

Data Security for Health Plans, Health Care Clearinghouses, and Health Care Providers

HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Workstation and Device Security. A covered entity must implement policies and procedures to specify proper use of and access to workstations and electronic media. A covered entity also must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information (e-PHI).

Data Security for Banks and Financial Institutions

The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Specifically, human-I-T helps assist Banks, Credit Unions and other companies adhere to the Federal Trade Commission’s (FTC’s) Disposal Rule. Where applicable, the GLBA requires that customer information is disposed of in a secure way.

Data Security for Credit Institutions and Reporting Agencies

The Fair and Accurate Credit Transaction Act of 2003 (FACTA) added sections to the federal Fair Credit Reporting Act (FCRA, 15 U.S.C. 1681 et seq.), intended primarily to help consumers fight the growing crime of identity theft. Accuracy, privacy, limits on information sharing, and new consumer rights to disclosure are included in FACTA.

Data Security for Federal Executive Branch Civilian Agencies

FISMA requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards, National Institute of Standards and Technology standards, and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.

Data SEcurity for Private SEctor Organizations and Commercial Activity

The Personal Information Protection and Electronic Documents Act (PIPEDA) sets out ground rules for how private sector organizations may collect, use or disclose personal information in the course of commercial activities. PIPEDA also applies to federal works, undertakings and businesses in respect to employee personal information. The law gives individuals the right to access and request correction of the personal information these organizations may have collected about them.

Data Security for Public Companies and Financial Reporting

The Sarbanes-Oxley Act of 2002 (SOX) mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud. It created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.