Part 1 of 5: In this series, we’re exploring how to maintain compliance with the MPAA Content Security Best Practices during the decommissioning process. To begin the series, we’re providing an overview of the media disposal requirements, including certified hard drive destruction.
Every third-party vendor who works with a Member of the Motion Picture Association of America (MPAA) understands the importance of protecting the studio’s intellectual property from content production all the way through the media destruction process. The MPAA established the MPAA Content Security Program to help media company and studio vendors understand content security expectations and current industry best practices. This includes procedures for the disposal of content, such as certified digital media and hard drive destruction.
MPAA Content Security Media Destruction
As in many industries, the conversation about data security in the entertainment industry often centers around concerns involving data breaches, malware, and hacking. However, the MPAA understands that a key element of an effective digital security strategy is the plan for how you dispose of information when it’s no longer needed. Most studios have now begun auditing their third-party vendors for compliance to content security guidelines.
Why Certified Hard Drive Destruction Matters
From inventory tracking to disposal procedures, the asset management section of the MPAA Guidelines discusses the handling of client assets. As vendors read sections PS-16.0 through 16.4, they begin to understand why certified hard drive destruction matters.
The best practices for the disposal of content and data include:
16.0 – Require that rejected, damaged, and obsolete stock containing client assets are erased, degaussed, shredded, or physically destroyed before disposal.
16.1 – Store elements targeted for recycling/destruction in a secure location/container to prevent the copying and reuse of assets prior to disposal.
16.2 – Maintain a log of asset disposal for at least 12 months.
16.3 – Destruction must be performed on site. On site destruction must be supervised and signed off by two company personnel. If a third-party destruction company is engaged, destruction must be supervised and signed off by two company personnel and certificates of destruction must be retained.
16.4 – Use automation to transfer rejected discs from replication machines directly into scrap bins (no machine operator handling).
When a studio audits its vendors following a project, they are expected to be able to prove compliance to these steps. This includes presenting a Certificate of Destruction of hardware that stored the studios digital assets and intellectual property.
Explore the Industry’s Most Reliable Certified Hard Drive Destruction Service
Whether you’re concerned about compliance with the MPAA Content Security Program or simply want to show your clients that you take the protection of their data seriously, it’s important to partner with a certified hard drive destruction company.
At E-Waste Security, our certified hard drive destruction and IT asset disposition company provides trusted service to large and small companies throughout Los Angeles, Orange County, and Santa Clara County. Our onsite data destruction and hard drive shredding service is NAID Certified and compliant with PCI DSS, HIPAA, and GLBA. We provide full-service IT Asset Disposition (ITAD) services including the purchase, removal, and recycling of computer equipment to provide our clients with a convenient solution for their decommissioning projects.
Contact Us Today for a quote.