Your organization tries to be as free from risk as possible. Uncertainty can affect a company’s bottom line and its business objectives, so identifying its sources and planning strategies to minimize their impact is a key best practice. IT asset disposition (ITAD) – the procedure your company uses to dispose of its retired IT equipment – can be a hidden source of risk because it presents opportunities for data breach, environmental violation, and noncompliance with industry regulations. Ideally, your company has already identified and mitigated the ways its ITAD program was exposing it to risk. This might have involved choosing a certified vendor for data destruction and electronics recycling and having detailed reports prepared for every disposition. But, even when you have completely optimized your asset disposition program to minimize risk, you still need to be sure your company is protected financially if something does go wrong. This is a key strategy to manage ITAD risk. Make sure your IT asset disposition vendor has the right insurance coverage.
In addition to reducing financial risk, evidence of insurance also tells you that your vendor is:
- Committed to doing IT asset disposition right. ITAD is a complicated process. By purchasing the right insurance coverage, vendors show they are willing to stand by their processes and organization. It shows they understand all the aspects of asset disposition and how your company is liable if they don’t do their job correctly, according to industry best practices.
- Financially stable. Insurance policies can represent a significant investment. Vendors that are willing to put up the money for them show they are on solid ground financially and you can trust they will be available long-term to fulfill your IT asset disposition needs.
Three insurance policies your ITAD vendor should carry
As you plan to manage ITAD risk, validate that your vendor has the right amount and types of insurance coverage. Look for:
- E&O (Errors and Omissions)
- Environmental liability insurance
- Data breach insurance
Data breach insurance is usually a separate policy or rider specific to data breach costs on an existing business insurance policy. Don’t just take your ITAD vendor’s word for it that they’re covered with data breach and other important insurance policies. Ask to see their certificates of insurance.
Take the program approach to manage ITAD risk
Validating your vendor’s insurance coverage is one strategy for minimizing the risks associated with IT asset disposition. Our “Guide to Minimizing the Risk of IT Asset Disposition” introduces several more. It comes to the conclusion that the best way to manage ITAD risk is within the framework of an enterprise-wide program that addresses data security, regulatory compliance, and environmental concerns, and discusses the next steps for implementing such a program at your organization.
