Vyta is very proud to have achieved ADISA Standard 8.0 Certification to Distinction level across all sites in Chelmsford, Dublin and Belfast. The highest certification achievable for IT Asset Disposal.
Who are ADISA?
ADISA is an independent certification body within the data protection and information security sector.
Established in 2010, ADISA provide a framework by which companies that offer IT Asset Disposal (ITAD) services can become certified.
Once audited to ensure the correct protocols and systems are in place for proper data security and WEEE recycling, a company can receive a pass, merit or distinction grade certification.
What does ADISA certification mean for ITAD clients?
Vyta routinely work for some of the most recognisable names in the ecommerce, banking, education, IT, defence, health, government and other sectors.
These clients hold various sensitive data types, ranging from health information, financial information, trade secrets or top secret information. As such they need to ensure that when they dispose of assets, they are disposed of correctly so information will never be recoverable.
Complying with these regulations will prevent data leaks, which can result in significant monetary fines, alongside reputational damage as you must announce the breach to your affected customers.
In the UK alone there are thousands of companies offering a variation of IT Asset Disposal, however clients are putting themselves at risk by using companies that aren’t certified. In fact, there have been some recent high profile data breaches caused by poor quality ITAD services resulting in millions lost in damages and legal fees.
ADISA Standard 8.0
ADISA’s latest standard, 8.0, is the highest certification possible for an IT Asset Disposal service provider.
ADISA offers two versions of its 8.0 standard, one mapped to UK GDPR law, and one to EU law, Vyta has both.
The 8.0 standard has been approved by the ICO (Information Commissioners Office), and accredited by the UK Accreditation Service (UKAS).
The use of a company certified to this standard can be used as evidence of GDPR compliance.
Data Impact Assurance Level (DIAL) Rating
A new part of Standard 8.0 is the Data Impact Assurance Level, also known as the DIAL rating.
This rating is calculated following a series of questions between Vyta, as the data processor, and the client, as the data controller.
The client then receives a certificate with their companies rating.
Question topics include :
- perceived threat to clients data
- risk appetite
- volume of data to be processed
- categories of data within that volume
- The impact of a data breach upon the client
A customer receives a rating of either 1, 2 or 3, with the higher ratings classifying a higher risk of threat to the data.
DIAL 3 Rating
As well as DIAL ratings for client organisations, there are also DIAL ratings for IT Asset Disposal companies. An ITAD must have an equal or higher DIAL rating than the one calculated for the client in order to be able to meet the necessary security requirements necessitated by the clients rating.
DIAL 3 rating for a client indicates a very significant risk to their data from outside sources, as such an ITAD must have a DIAL 3 rating which certifies that they have the necessary security infrastructure and protocols in place to process data from this type of client.
The ability to handle DIAL 3 data requires some unique conditions, these include use of only highly security vetted staff, GPS tracked collection lorries, sealed containers for holding data bearing devices, CCTV and more.
Vyta is one of only 8 companies globally that have been certified to DIAL 3 and able to handle the top tier of sensitive data.
Vyta is one of the most accredited ITADs in the world,
with ADISA being just one of our certifications.
To Discuss Your Organisations Secure IT Asset Management Requirements