LAWS PERTAINING TO COMPUTER AND ELECTRONICS RECYCLING

There are five important federal laws you may need to be aware of and comply with, particularly with regard to safe disposal of hazardous waste and safeguarding customer information:

RESOURCE CONSERVATION AND RECOVERY ACT (RCRA)

The Resource Conservation and Recovery Act bans all open dumping of waste, encourages source reduction and recycling, and promotes the safe disposal of municipal waste including the hazardous waste disposal of computers and electronics. To comply with RCRA and avoid serious violation and fines, for example, cathode ray tubes or any other piece of electronic equipment that contains hazardous materials must be managed as hazardous waste and not end up in a landfill.
Visit the Environmental Protection Agency’s site for specific details on RCRA’s requirements.

COMPREHENSIVE ENVIRONMENTAL RESPONSE COMPENSATION AND LIABILITY ACT (CERCLA)

The Comprehensive Environmental Response Compensation and Liability Act (better known as the Superfund law) states that the generator of a waste material containing hazardous substances is liable for proper disposal of that material throughout its life. This is true even if ownership of the material has changed hands. To comply with CERCLA, organizations should be aware that by selling or giving old electronic equipment to another party, they can be held liable for the full cost of cleanup, plus penalties, if the other party disposes of it improperly.
Visit EPA’s overview for more information on CERCLA.

SARBANES-OXLEY ACT (SOX)

Born from the financial scandals of 2001, the Sarbanes-Oxley Act mandates the security of companies’ financial systems and the IT infrastructure that supports those systems. Specifically, Section 404 holds that the confidentially and security of information are crucial foundations of compliance. As such, identity and proprietary data theft is one of the greatest challenges facing small businesses as they work to comply with this legislation that protects consumer financial, credit and health information. SOX requires that electronic data is erased and irretrievable at the end of the useful life of the IT asset.
You can find links to all Commission rulemaking and reports issued under the Sarbanes-Oxley Act at: http://www.sec.gov/spotlight/sarbanes-oxley.htm.

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)
For Healthcare Providers
The Health Insurance Portability and Accountability Act requires confidentiality and security of health data. Healthcare providers should comply with the recent HIPAA legislation to ensure end-of-life data security for information stored on computers and other electronic equipment.
See HIPAA’s Advisory

GRAMM LEACH BILEY ACT (GLB)
For Financial Institutions
The Safeguards Rule under the GLB Act, requires that financial institutions take proactive steps to ensure the security of customer information. The Federal Trade Commission defines “financial institution” for the purposes of GLB compliance as any organization that works with individual's money. These include banks, credit unions and brokerages as well as any organization that receives data from these institutions. These also include:

Preparers of income tax returns
Consumer credit reporting agencies and credit counseling services
Real estate transaction settlement services
Debt collection agencies

See Federal Trade Commission Site
See Gramm Leach Biley Act

DOWNSTREAM RESULTS OF
IRRESPONSIBLE RECYCLING

Federal law states that the generator of a waste material containing hazardous substances, such as computers and electronics, is liable for proper disposal of that material throughout its life – even if it changes hands.

If not properly removed, data on the hard disks of obsolete computers can be easily compromised, jeopardizing the financial and legal standing of both large and small businesses, including doctor’s offices, brokerage houses and insurance agencies.