Internal Reference Number: FOI_5348
Date Request Received: 11/10/2019 15:44:52
Date Request Replied To: 06/11/2019 10:14:34
This response was sent via: By Email
Request Summary: IT and Telecommunication equipment disposal process
Request Category: Companies
|Question Number 1:|
How Many staff do you have in your organisation?
|Answer To Question 1:|
|Question Number 2:|
How many operational sites does the organisation have?
|Answer To Question 2:|
|Question Number 3:|
Who has the overall responsibility for the disposal of IT equipment within the organisation? Please supply Name, Job Title, Telephone and Email contact details.
|Answer To Question 3:|
Jon Burwell, Chief Information Officer, email@example.com, 01722 336262
|Question Number 4:|
Does the organisation currently have an IT asset disposal policy?
|Answer To Question 4:|
|Question Number 5:|
Do you use a third-party IT asset disposal company for this?
|Answer To Question 5:|
|Question Number 6:|
What is the name of that partner?
|Answer To Question 6:|
|Question Number 7:|
Do you have a contract in place with this company?
|Answer To Question 7:|
|Question Number 8:|
How often are disposal collections run?
|Answer To Question 8:|
|Question Number 9:|
If a contract is in place, when does this expire?
|Answer To Question 9:|
|Question Number 10:|
Do you currently pay for this service? If so, what is the typical cost over a 12-month period?
|Answer To Question 10:|
|Question Number 11:|
How old is each asset before it is disposed of? E.g. 3 /4 / 5 years
|Answer To Question 11:|
|Question Number 12:|
Do you presently receive any money back (rebates) for IT assets that you send to your disposal company?
|Answer To Question 12:|
|Question Number 13:|
Do you have a nominated Infrastructure Manager and who is this? Please supply Name, Job Title, Telephone and Email contact details.
|Answer To Question 13:|
Yes - contact details not releasable as the role is under a band 8
|Question Number 14:|
For devices with hard drive, do you require full destruction of hard drives, or just erasure and certification of erase?
|Answer To Question 14:|
Drives are erased however if they cannot be erased they are destroyed. Certificates can be requested.
|Question Number 15:|
Does the organisation have the ability to track an individual asset to ascertain the final route and destination of each asset disposed of? In the event of a data breech, how could you prove who had legal custody of each asset, and at what stage?
|Answer To Question 15:|
Not comprehensively but we would be able to see who was the last person to use certain assets.
There is a quarantine and disposal procedure that is followed
|Question Number 16:|
Does the current contract also include photocopiers / Multi-Functional Devices (MFDs)
|Answer To Question 16:|
We hold a contract for MFD's
|Question Number 17:|
How does your organisation finance MFDs… Lease or purchase?
|Answer To Question 17:|
|Question Number 18:|
Do you have a service contract in place for the copiers and if so when does this expire?
|Answer To Question 18:|
We do not hold a separate service contract for MFD's. It is part of the MFD lease contract.
|Question Number 19:|
Does your organisation have a contract in place for shredding of other forms of data, namely paper documents?
|Answer To Question 19:|
|Question Number 20:|
What is the spend in the last 12 months on paper shredding / destruction?
|Answer To Question 20:|
|Question Number 21:|
If a contract is in place for paper and document shredding, when does this expire?
|Answer To Question 21:|
To be reviewed in March 2020
|Question Number 22:|
Does your supplier currently comply with the EU General Data Protection Regulation (GDPR) which came into force on 25th May 2018?
|Answer To Question 22:|
|Question Number 23:|
What ISO accreditations do you require for a disposal company to have in order to work with your organisation?
|Answer To Question 23:|
It is the preferred solution for suppliers to hold ISO14001, ISO9001 and ISO27001 and ADISA
|Question Number 24:|
Who is the current appointed Data Protection Officer within the organisation, or person that presently deals with data protection? Please supply Name, Job Title, Telephone and Email contact details.
|Answer To Question 24:|
Heidi Doubtfire-Lynn, firstname.lastname@example.org, 01722 336262, IG/RA and Data Protection/Privacy Officer
|Question Number 25:|
Are there presently any other services that your organisation requires around the lifetime management of your IT assets?
|Answer To Question 25:|
|To return to the list of all the FOI requests please click here|
Our staff at Salisbury District Hospital have long been well regarded for the quality of care and treatment they provide for our patients and for their innovation, commitment and professionalism. This has been recognised in a wide range of achievements and it is reflected in our award of NHS Foundation Trust status. This is afforded to hospitals that provide the highest standards of care.