Maintaining a secure chain of custody

Back Thru The Future has developed a secure and documented chain of custody process for the disposal and destruction of your obsolete data media. This process involves either onsite shredding or the utilization of a bar code inventory control system along with secure and sealed shipping containers. A very important feature of our process is the storage of all project documentation in our cloud based document archive “Compliance Library”. This password protected tool provides you with 24/7 immediate access to all of your chain of custody documentation as well as historical statistics concerning your destruction activity.

Vendor due diligence

In addition to your own internal data security needs there are Federal, State and Industry (PCI) data privacy regulations as well as state electronic recycling regulations. We have been providing secure and environmentally compliant technology disposal services for over 28 years. No one in the shredding industry has better regulatory and industry licenses and certifications. It is our job to protect our clients from unintentionally running afoul of regulatory compliance issues. Read more about vendor due diligence.

Data breach risk on mobile devices

Few things can have a more disastrous effect on a law firm than the breach of client confidentiality caused by a data breach. It is important to realize that over 60% of all data breaches reported to authorities are not caused by online hacks but by the loss of control of a physical data asset. Law firms’ portable computers and communications devices are exactly the types of data assets that are most frequently mishandled. The challenges associated with controlling these types of data assets includes the eventual collection and disposal of damaged and obsolete devices. These devices all store data on solid state electronics not hard drives. Solid state storage is nearly impossible to sanitize effectively. The only truly effective way to destroy the recorded data is by shredding the device.

EDD Risk

Electronic data discovery activity almost always includes court ordered destruction of information collected after litigation is completed. Your firm and individual attorneys will be required to attest to this destruction. We regularly provide “auditable chain of possession” documentation of the destruction of the data media to some of the largest EDD service providers in the country.

FRC EDD Protection

We provide annual agreements that provide for regularly scheduled pick up and destruction of your accumulated obsolete data assets and communication devices. This includes a bar code inventory control system, secure collection containers, chain of possession handling procedures, and NIST compliant data destruction, all documented with auditable compliance documentation. This annual agreement provides the legal protection of having a documented automated process for the destruction of obsolete data as required under the FRCP EDD “Safe Harbor Data Destruction” rule. As a matter of fact we named this service after this rule. “Safe Harbor Express™”