New Recycling
Compliance

E-waste compliance, data destruction, and audit ready documentation.

Retired hardware is a regulatory liability until it isn't. We carry the certifications, follow the destruction standards, and produce the paperwork your auditors, your privacy team, and your insurers need.

Regulatory frameworks we plan around

Every retirement project starts with the same question: which rules govern this data? Tell us your industry and we'll show you the relevant controls.

HIPAA

Protected health information on retired servers, imaging workstations, and clinical devices. Destruction documented to the asset level.

FACTA / GLBA

Consumer financial data on banking, lending, and insurance hardware. Methods aligned to the FTC Disposal Rule and GLBA Safeguards.

SOX

Financial reporting environments where chain of custody records support internal control attestations and external audit.

PCI DSS

Cardholder data environments retired with secure media handling, witnessed destruction, and certificate trail per Requirement 9.8.

FERPA

Student records on retired campus, district, and EdTech equipment, with documentation acceptable to school legal counsel.

CCPA & state privacy

California, Virginia, Colorado, Connecticut, Utah, with destruction events logged to support response to consumer deletion requests.

GDPR

Article 17 right to erasure workflows for EU data on retired infrastructure, with destruction proof for the record of processing.

R2v3

Responsible recycling chain of custody from your dock through certified downstream vendors. No landfill, no informal export.

RCRA & state e-waste

Hazardous-waste handling for CRTs, batteries, and certain printed-circuit assemblies under federal RCRA and state e-waste statutes.

Data destruction standards

The named methods we use, the ones auditors recognize, the ones your written policy almost certainly references already.

NIST SP 800-88 Rev. 1

The federal standard for media sanitization. We apply Clear, Purge, or Destroy based on the device's confidentiality category, not a one size fits all wipe.

NAID AAA aligned destruction

Physical destruction methods, particle sizes, and operator vetting aligned to NAID AAA. Witnessed destruction available. Bring your security officer to the floor.

DoD 5220.22-M

Available where the policy still references it. We'll happily run a DoD pass and a NIST Purge if your auditor wants belt-and-suspenders coverage.

Certifications we hold

Current certificates available on request. Under NDA for client facing audit packages, openly for vendor vetting questionnaires.

  • R2v3: Responsible Recycling
  • ISO 14001: Environmental
  • ISO 45001: Health & Safety
  • ISO 9001: Quality Mgmt.
  • NAID AAA aligned destruction
  • e-Stewards downstream chain
Your documentation package

Everything your auditor will ask for, before they ask.

  • Certificate of Destruction, per asset or per lot
  • Chain of Custody record, pickup to processor
  • Certificate of Recycling, downstream verified
  • Asset reconciliation against your inventory list
  • Method statement & operator credentials
Request the full packet

Compliance FAQ

  • Are you R2v3 certified?
    Yes. We hold current R2v3 certification for responsible electronics recycling, and copies of the current certificate are available on request. R2v3 governs how retired hardware moves through our facility and out to certified downstream vendors.
  • Do you handle CRTs, lithium ion batteries, and other regulated items?
    Yes. CRT monitors and TVs, alkaline and lithium ion batteries, and printed circuit assemblies containing regulated materials are all accepted and routed through appropriate downstream channels under RCRA and state e-waste rules. Flag these on the intake so we can plan the pickup accordingly.
  • Do you export overseas?
    No informal export. We route material through R2v3 and e-Stewards aligned downstream vendors, and we maintain the chain of custody records to prove it. If a downstream operator legitimately performs material recovery outside the United States, that vendor is vetted under the same standards.
  • Can we witness the destruction?
    Yes. Your security officer, compliance lead, or auditor is welcome to witness on site destruction, and we can arrange for a live video feed for remote witness on request. Witnessed destruction is signed in the presence of your representative.
  • How long do you keep our records?
    Chain of custody, certificates of destruction, and reconciliation records are retained for at least three years, and longer where an environmental, tax, insurance, or contractual obligation requires it. See our privacy policy for the full retention statement.
  • Do you meet HIPAA, PCI DSS, SOX, and GLBA documentation requirements?
    Yes, on the destruction side. We produce the certificate of destruction, chain of custody, and asset reconciliation records that HIPAA covered entities, PCI DSS assessors, SOX auditors, and GLBA regulated institutions typically require for retired hardware. See the Compliance page above for the framework by framework breakdown.
  • What certifications do you carry, and can I get copies?
    R2v3, ISO 14001 (environmental), ISO 45001 (health and safety), ISO 9001 (quality), NAID AAA aligned destruction, and e-Stewards aligned downstream. Current certificate copies are available for vendor onboarding on request.

Auditor asking questions?

Send us the questionnaire. We'll come back with the responses, the cert copies, and the redacted sample documentation they need.

Start the conversation