Logo & Navigation

Commercial Users

Data Security, Inc., manufactures degaussers for financial companies required to meet the stringent security requirements set forth by the Gramm-Leach-Bliley (GLB) Act. We also produce degaussers for health care and other agencies required to comply with the Health Insurance Portability and Accountability Act (HIPAA).

Financial Companies: Gramm-Leach-Bliley (GLB) Act

Many financial institutions collect personal information from their customers, such as their names, addresses, and phone numbers; bank and credit card account numbers; income and credit histories; and social security numbers. The GLB Act requires financial institutions to ensure the security and confidentiality of this type of information.

As part of its implementation of the GLB Act, the Federal Trade Commission (FTC) has issued the Safeguards Rule. This rule requires financial institutions under FTC jurisdiction to secure customer records and information and to train employees to take basic steps to maintain the security, confidentiality, and integrity of customer information.

Here are some suggestions on how to maintain security throughout the life cycle of customer information, that is, from data entry to data disposal:

  • Shred or recycle customer information recorded on paper and store it in a secure area until a recycling service picks it up.
  • Erase all data when disposing of computers, diskettes, magnetic tapes, hard drives, or any other electronic media that contain customer information.
  • Effectively destroy the hardware and promptly dispose of outdated customer information.

Health Care Agencies: Health Insurance Portability and Accountability Act (HIPAA)

The final rule adopting HIPAA standards for the security of electronic health information was published in the Federal Register on February 20, 2003. This final rule specifies a series of administrative, technical, and physical security procedures for covered entities to use to ensure the confidentiality of electronic protected health information.

The requirements and implementation features for Device and media controls are presented at §164.310 (d) of this rule. The following excerpt depicts the requirements and implementation features for the Device and media controls category:

Standard: Device and media controls.
Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.

Implementation specifications:

Disposal (Required).
Implement policies and procedures to address the final disposition of electronic protected health information, and/or the hardware or electronic media on which it is stored.

Media re-use (Required).
Implement procedures for removal of electronic protected health information from electronic media before the media are made available for re-use.

Accountability (Addressable).
Maintain a record of the movements of hardware and electronic media and any person responsible therefore.

Data backup and storage (Addressable).
Create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.

Benefits of Data Security Degaussers

  • Meet HIPAA and GLB Act requirements for Device and media controls policies and procedures that govern the receipt and removal of hardware and electronic media, including disposal, media reuse, and accountability.
  • Avoid costs and loss of revenue associated with stolen storage media.
  • Reduce risk.
    • Remove damaging e-mails, company proprietary information, customer profiles, and financial data to reduce exposure and risk of compromising proprietary information.
    • Prevent the retrieval of company information by data recovery services or software.
  • Save money.
    • Erase inoperable hard drives before release (i.e., disposal, warranty repair, etc.) without voiding the original manufacturer warranty.
  • Save time.
    • Reduce the amount of time and labor resources required to overwrite the information or to destroy the magnetic media.
    • Eliminate merging client information by degaussing backup tapes before reuse.
  • Protect from dumpster divers, media loss during transport, employee theft, and improper media destruction (i.e., inferior degausser, non-Department of Defense approved destruction methods).