IT recycling is a business niche.
For want of a better word, I suppose. Everyone needs to do it sooner or later,
some more regularly than others, and the suppliers within the niche, or sector,
or whatever you want to call it, battle it out for their fair market share.
Same as any other sector.
The trouble about being in a
niche is that awareness varies. Really big businesses get rid of a lot of kit
all the time. They have a constant refresh process going on by the very nature
of employing lots of people and running big systems. In these businesses they
tend to take their responsibilities very seriously and their chosen suppliers
have to be up to scratch.
As in any niche, suppliers and
interested parties organise and get together to form an accreditation body, an
industry promotion club. For ITAD (IT Asset Disposition for the uninitiated, we
have ADISA (Asset Disposal and Information Security Alliance) and other than
eReco’s own MD, Jane Taylor, the ADISA council includes executives from Dell
and Microsoft, as well as many other businesses like us around the country.
It is about best practise and
accreditation essentially. Any company certified to meet the ADISA standard has
the knowledge, processes and tools to provide a professional ITAD service. They
do spot checks and an annual audit – these are no low hurdles. And when
tendering for any large business it is more or less a requirement to get a seat
at the table, or at least it should be. Take a look at the website and see for yourself ( www.adisa.org.uk ). For the record, we are
certified to distinction level.
But let’s get back to the trouble
about being in a niche. 98% of businesses, employing over half the people in
this country, are classified as SME’s. Most of those do not have a regular ITAD
process and thus only use a supplier on a needs basis.
In this area the awareness levels
drop away quite alarmingly. If you are a regular, loyal reader of this blog you
will have some understanding of this. In short, it amounts to ignorance (of the
regulations), apathy (I won’t get caught, I am too small) and fear or suspicion
(I am a bit nervous of throwing my hard drives away because I don’t trust
anyone to do it properly, and they are probably ripping me off anyway).
The good people tasked with
disposing of old equipment in these organisations do not know about ADISA and
they do not really get too excited about best practise. They are much more
concerned with the cost of disposal. They are also far more susceptible to the
temptations of the ‘we can do that for free’ brigade.
It is unfair to criticise ADISA
for any of this. They perform an important role and promoting the body
effectively to every business in this country would cost a small fortune. But
they could and should lobby both the government and the regulators to help them
do so. We are the knights in shining armour doing the dirty work for the ICO
and his hordes and we could do with some help getting the message across.
Many regulators toy with the
issue of data security. The FCA recommends the use of an ITAD partner and
decapitates any members who lose client data – a fairly weak suggestion backed
up with a blooming great big stick!
The Bar Council goes a little
further, and I quote ‘there are a number of companies which offer the services
of the secure destruction or safe recycling of computers and devices. However,
be aware that some of these companies are less reputable than others, and have
been known to provide documents purportedly evidencing destruction or secure
erasure prior to resale. Actually, they have not provided the service at all.
Ultimately responsibility for the failure by such a company to fulfil its
contractual obligation to destroy or securely erase rests with you, as
exemplified by a recent case decision of the ICO relating to an NHS Trust.’
My frustration is that the
regulators go so far but don’t actually mention accreditation. What the Bar
Council and the FCA should be saying is use an ADISA accredited ITAD supplier.
It’s that simple. They are happy to highlight the problems, but not to promote
the solutions.
No comments:
Post a Comment