The Role and Regulation of IT Asset Disposition (ITAD) in the United States

The United States regulates the handling, use, and storage of sensitive data, and it also regulates the devices this data is stored on. The mishandling of both the information and the equipment can lead to fines, data breaches, and loss of client trust. Knowing the laws and regulations surrounding both the data and the equipment while undergoing ITAD in the United States aids in achieving and maintaining compliance, and choosing the right ITAD provider can ensure it.

Though some e-waste recycling took place before the 1990s, ITAD in the United States as we know it took form as more businesses were turning to technology and personal computers became common. As technology became more prevalent, so did e-waste, and companies began to recognize the need for secure and environmentally responsible disposal of IT assets. ITAD companies began to take shape, providing data destruction, recycling, refurbishment, and remarketing of used IT equipment.

E-waste was first regulated in the United States in 1976 with the Resource Conservation and Recovery Act (RCRA). Because e-waste is hazardous waste, this law gave the EPA authority to regulate it, including its transportation and its storage. E-waste was further regulated with the Basel Convention on hazardous waste in 1989 after a series of environmental disasters caused by the lack of regulation of e-waste disposal. Though the United States signed it, it has not ratified the Basel Convention because it does not have sufficient domestic statutory authority to implement it in entirety The passing of the Electronic Waste Recycling Act in California in 2003 marked a significant milestone, setting a precedent for other states to follow. Currently, 25 states have e-waste legislation in place.

The United States has passed laws and regulations protecting its citizens from potentially negligent organizations misusing or mishandling their data. These regulations typically belong to healthcare and finance as those fields deal with more sensitive information. Among these regulations are:

• HIPAA (Health Insurance Portability and Accountability Act)
• FACTA (Fair and Accurate Credit Transactions Act)
• GLB (Gramm-Leach-Bliley Act for financial institutions)
• SOX (Sarbanes–Oxley Act which regulates financial record keeping)
• PCI (Payment Card Industry regulations)

Each regulates the way that data is handled, stored and disposed of, and failing to dispose of equipment properly can lead to hefty fines and serious reputational damage.

In addition to environmental and data protection regulations, businesses also turn to ITAD in the United States for a return on their used IT assets. Many used IT assets still hold residual value that can be recaptured through refurbishment and resale. Certified ITAD providers refurbish old equipment and remarket it, lengthening the life of the equipment and helping IT departments get the most out of their investments. For equipment that cannot be refurbished and resold, ITAD companies can recover some of the valuable materials, like copper, to be recycled, offsetting the cost of the disposition.

ITAD in the United States is a growing industry, but it is not growing as fast as the e-waste stream. Ensuring that your organization has a proper ITAD plan is ensuring environmental compliance, data compliance, and offers a return on IT investments.

For more information, contact our experts.