Data Security and Compliance

There is a growing list of regulations that dictate how sensitive data is to be handled by corporations and government agencies.  Failure to protect this data, which may involve privacy issues or access to personal or business information, comes with stiff penalties.  Those penalties not only impact a company financially, and possibly senior officers legally, they have significant negative impact on any level of trust the organization once had with its customers and investors.

The data security procedures at PlanITROI assure that your sensitive information is not at risk.  We maintain strict standards for data erasure or hard drive destruction if the latter is required.  With regulations dictating how all information, whether it is patient information or financial data, is to be handled, PlanITROI has refined its data security and physical security protocols to assure thorough and absolute data cleansing.

PlanITROI data security procedures are compliant with Sarbanes-Oxley Act of 2002, Gramm-Leach-Bliley Act, and the Health Insurance Portability and Accountability Act (HIPAA).  As part of our normal data erasure process, which utilizes U.S. Department of Defense DoD 5220.22-M compliant standards, PlanITROI removes all asset ID tags and client identification.  At the same time we will destroy any components such as CDs, flash drives or paperwork that had been inadvertently included with the equipment. 

If a damaged hard drive can not be thoroughly cleansed, it will be removed and destroyed.  That action will be noted, by serial number, on the final asset disposition reports provided to a client.