Information security is all about accountability. Keeping track of secure data gives individuals, businesses, and the government a responsibility to protect.
Recently the secure hard drive destruction process within the Internal Revenue Service (IRS) was compromised. The tables turned on the IRS, an organization that closely watches the U.S. revenue system, when all eyes needed to be on them. In June, the IRS told Congress that two years of Former senior IRS official Lois Lerner’s emails were lost when her computer’s hard drive crashed in 2011.
IRS Commissioner John Koskinen was recently grilled regarding the hard drive destruction process of the hard drive. The IRS was slammed for failing to notify congressional investigators as soon as the agency realized the emails were lost.
They broke their chain of custody, and as a result, their credibility.
The chain of custody is an important step that adds a set of checks and balances to the process of handling secure information. This process keeps both the individual/business and the secure recycling company liable during the destruction process.
A report released in April by the Treasury Inspector General for Tax Administration (TIGTA) found that the IRS needs to improve its processes for disposing of unneeded computers, printers and servers. The report stated that the IRS lacks proper documentation to ensure compliance with media sanitization guidelines. Currently, the inventory does not archive electronic asset disposal data.
TIGTA recommended in the report that the Chief Technology Officer of the IRS needs to monitor that each department report lost or stolen information technology equipment within one hour of detection; an action now questioned after the incident with Lois Lerner’s disposed hard drive.
Another representative that grilled the IRS was Rep. Darrell Issa. He stated that the committee he chairs will “probably never know” if a computer crash that destroyed sought-after e-mails was a deliberate act to cover up wrongdoing at the IRS. Issa also explained that there’s evidence that she was in violation of some agency regulations and laws.
DataShield takes the secure hard drive destruction seriously. We value the chain of custody and guarantee that all confidential data is accounted for. From receiving data to transporting and shredding, every step is documented and monitored for maximum security. Call us today to get started with our secure hard drive shredding.