As companies deploy new technologies, they are faced with the issue of what do with their older IT assets. As the green movement and a call for greater corporate social responsibility have grown over the last decade, it is no longer acceptable for organizations to throw out old technology or simply to pass it along. IT asset disposal is a serious corporate social responsibility that should be taken to heart by both the private and public sectors and can reap huge benefits for the internal IT organization while, at the same time, being a good corporate citizen.
While proper asset disposal has been a growing movement amongst companies, many still consider it an obligatory act to comply with the “green” movement, despite the regulatory compliance laws. Organizations fail to understand that correct disposal methods can be extremely beneficial if properly planned and executed – from positioning the company as the “good guy” to increasing financial value of assets that have traditionally been looked at as depreciating in value, resulting in financial loss year-over-year – to closing compliance gaps.
Closing the compliance gap: Moving towards green is a matter of risk tolerance
With newly formed legislation and environmental regulations, IT asset disposal has a whole new level of compliance on a federal, state, local and even on the country level. These regulations open up two liability issues that companies must face: environmental and data security standards as well as regional e-laws that detail the disposal of hazardous wastes.
Facing increasing pressure to close compliance gaps and meet industry as well as federal, state and local regulations, IT asset disposal sits in the middle of many of these laws, either as a primary target of the law or as an avenue to create non-compliance. Not to close the compliance gap with the enterprise IT assets creates issues with data security, anti-landfill laws, privacy laws and many industry-specific regulations – such as SOX, Gramm-Leach-Bliley and HIPAA. Businesses that toss IT assets without giving thought to legislation face stiff fines and possibly even jail time for ignoring environment and regional legislation.
- Under the Gramm-Leach-Bliley Act or the Financial Services Modernization Act of 1999, there are stringent data protection rules of consumers’ non-public, personal information. Under this mandatory act, consumer information is protected from foreseeable threats of security and components on the governance of how consumer data is collected, disclosed and protects is outlined in detail. A proper IT asset disposal process ensures that this type of data is cleansed properly from any and all IT assets before disposal. Penalties for not complying with the GLB act can lead to heavy fines for the company.
- HIPAA, or the Health Insurance Portability and Accountability Act, regulates the use and disclosure of certain information held by healthcare service entities and establishes regulations on how, why and when health information can be disclosed and to whom. From health care plans to hospitals to the single physician practitioner, HIPAA governs how patient information can be disclosed. Violating this Act – whether purposefully or accidentally – means paying hundreds of thousands of dollars in fines and spending up to a decade in prison for each patient security information violation. Therefore, whether it’s a large hospital system or a single practitioner, proper IT asset disposal becomes vitally important.
For organizations who understand the benefits of proper disposal, the IT asset management program includes IT asset disposal, as described in the Key Process Areas defined in IAITAM’s Best Practice Library. The IT asset disposal best practices begin with the IT asset manager creating an internal IT asset disposal team or finding an IT Asset disposal service.
Support for a company’s corporate social responsibility efforts, if one exists
If an organization has adopted a corporate social responsibility program, the likelihood is great that an IT asset disposal and remarketing program will be part of a green initiative. While it may not be called or classified as IT asset disposal or as a part of the overall ITAM program, it most assuredly fits into both categories. Corporate social responsibility initiatives contribute enormously to a company’s corporate image, which will most certainly take a hit if assets are disposed in an irresponsible manner.
Some steps to ensure that your IT asset disposal program is taken seriously include:
- Internal communications projects to educate employees on issues surrounding disposal of electronics, the organization’s policies that guide the behavior of all employees and the proper procedures for disposal. As people are increasingly apt to support social program initiatives, it’s important to discuss the benefits of the IT asset disposal process for the environment, legislation and any philanthropic tie-ins such as donations of laptops to schools.
- Middle management buy-in. Without the support of individual team leaders – who will reinforce the validity of the process and enforce policy – the IT asset disposal process will surely fail.
- Risk/reward distinction. Consider creating a reward for individuals or a department for their ITAD efforts.
New value from old assets
IT assets have traditionally been viewed as a necessary “write off” expense line item that depreciated in value year-over-year and was looked upon as “lost money.” It’s always been a reluctant expense layout for organizations, which explains why you’re still working on a PC the size of child’s suitcase with Window 2000 or Windows XP. So, it’s time to talk about a proper IT asset disposal process with the senior decision makers.
Trying to sell senior executives on an IT asset disposal process is like Sisyphus rolling a huge boulder time-and-time again up a hill. However, if you tie IT asset disposal with a corporate social responsibility program, mention the world “green” and talk about how you’re actually creating value from old IT assets that can bring money back into the company, then you have a bunch of men and women sitting up to take notice. Next thing you know, you’ll even have a cross-functional team dedicated to working on the IT asset disposal process.
In addition to bringing good corporate karma from the green and social responsibility aspects of IT asset disposal, new value from old assets is another important selling point. Consider the possibilities from:
- Sale or consignment of enterprise assets – from mobile phones to laptops to servers
- Tax deductions (not devaluation) from donating assets to non-profit organizations or schools
- Remarketing programs with hardware vendors
By initiating an ITAM program that includes IT asset disposal, companies gain more value from their assets by understanding when, where and how an asset will be “retired” and ready for disposal. By controlling and completing the lifecycle of an IT asset, compliance is assured in all aspects – from corporate policy through many types of regulations.
By recouping a percentage of all IT assets, the IT asset disposal process can be self-sustaining, will pay for itself within the first year, AND give the organization a successful social awareness program.
About Martin Thompson
Martin is also the founder of ITAM Forum, a not-for-profit trade body for the ITAM industry created to raise the profile of the profession and bring an organisational certification to market. On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.
Prior to founding the ITAM Review in 2008 Martin worked for Centennial Software (Ivanti), Silicon Graphics, CA Technologies and Computer 2000 (Tech Data).
When not working, Martin likes to Ski, Hike, Motorbike and spend time with his young family.
Connect with Martin on LinkedIn.