Data Destruction Policy

The Jamil Trust Data Destruction Policy

The Jamil Trust refurbishes used computers and assorted IT equipment for reuse. In processing donated IT equipment the charity has a duty of care to ensure that data is removed with an appropriate level of sanitisation commensurate with the sensitivity of the data stored on the media (hard disk, removable media, flash memory, etc.).

The following document sets out The Jamil Trust’s policy on data sanitisation and destruction and the stringent standards we follow to ensure the secure, full removal of confidential and sensitive data from redundant IT equipment ensuring compliance with General Data Protection Regulations (GDPR).

Hard Drive Return or Destruction Policy

If the hard drive or any storage media is removable The Jamil Trust MUST REMOVE IT AND HANDOVER TO THE OWNER .

However if the hard drive or storage media is not removable then we erase it using the following methods.

How We Erase Data

The Jamil Trust takes data security extremely seriously and for this reason we only use industry leading technology and techniques that have been approved to the highest standards including the UK Government’s HMG Infosec Standard No. 5 (the ‘Enhanced Standard’).

We use market-leading Blancco data erasure software. Blancco software is approved by the UK Government’s National Cyber Security Centre (NCSC) .

Using Blancco’s latest, certified version of software (or any similar software) we can always ensure erasure standards are maintained in line with technological advances.

Factory Resetting Policy

The Jamil Trust always cares about the personal data of our donors therefore we always reset the devices to the factory settings before giving to our beneficiaries.

Apple Device Restore

Apple devices and few other manufacturers have Find My Device security systems in place.

We will check whether this functionally is on or off, if it is on then we require donors to either remove this security function or provide us the username and password for their account to allow us to log into their account and disable this security function.

NOTE: WITHOUT THIS DISABLE THE APPLE DEVICES CAN NOT BE REUSED

Secure Data Erasure

If the hard drive or data bearing device is not removable then we use will erase and

sanitise using NCSC approved data wiping software. Data wiping is the only truly assured method of data destruction, as each individual drive generates its own hard drive erasure report, certifying the date and method used. Drives which fail the wiping process will be physically destroyed.

The Reassurances:

To erase data we use Blancco software which generates an individual, automatically produced data erasure report. This details information including: the hard drive serial number, hard drive capacity and erasure level of 100%. We provide these reports for each collection to a donor on request. This provides traceability required for a comprehensive data audit trail to meet GDPR standards.

Where required we can provide secure collection via GPS-tracked vehicles and DBS-cleared staff to transport equipment.

Secure Physical Data Destruction

The Jamil Trust provides secure physical data destruction in the event that hard drives are not in a working condition, or where a donor’s requirements dictate physical destruction. To achieve this we use a solid steel punch that delivers four tonnes of hydraulic force to bend, mangle and pierce the drive’s housing and platters. The conical punch of the unit causes catastrophic trauma to the hard drive’s chassis whilst destroying its internal platters (the circular disks that store magnetic data). Following the hard drive crushing process with our pneumatic lever this renders the hard drive’s platters as completely unreadable, ensuring complete data destruction.

This process is suitable for all kinds of hard drive formats and meets the DIN 66399 Standard security level H-3, guidelines for the physical damage of media. On request, we provide records detailing the crushed hard drive serial number, capacity and, where relevant, asset information.

The Jamil Trust does not provide on-site physical destruction or shredding of data.

End.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.