FAQ

What is ITAD verification?

ITAD verification is the process of independently confirming that asset tracking and compliance steps within an IT asset disposition (ITAD) workflow have been properly completed for each device and project. It provides continuous oversight beyond standard certifications, ensuring that data-bearing assets are securely handled, destroyed, and documented according to required cybersecurity and privacy standards like NIST 800‑88, HIPAA, and GDPR.

What is Veridy Verification?

Veridy Verification is an independent service that validates ITAD processes against ISO 27001, SOC 2, and Zero Trust principles. It helps organizations meet strict regulations such as SEC, HIPAA, and GDPR.

How does Veridy differ from unverified ITAD?

Veridy adds an independent oversight layer using the ITAD Verification Framework (IVF). It reconciles records and ensures security, transparency, and compliance beyond what vendors provide on their own.

What is the ITAD Verification Framework (IVF)?

The IVF enforces chain-of-custody through three controls:

No sharing of serial numbers with downstream vendors
Verification tag tracking
Verification holds on equipment until reconciled

Why is verification necessary?

Verification prevents conflicts of interest, ensures accurate reporting, and strengthens security. It reduces the risk of breaches, compliance failures, and regulatory penalties.

What is the difference between certification and verification?

While certification (e.g., R2v3, e‑Stewards, NAID AAA) confirms that a vendor adheres to industry standards, verification continuously proves—on an asset‑by‑asset basis—that destruction and compliance steps actually occurred.

Certification is periodic; verification is ongoing, project‑specific, and actively safeguards against fraud, theft, or reporting inaccuracies.

Verification acts as the accountability layer that ensures an organization’s ITAD program is not just certified on paper but secure in execution.

How does the Veridy process work?

Three steps:

The client submits their inventory (email or upload).
The processor submits its inventory after receiving equipment.
Veridy reconciles both and issues a Verification Report confirming chain of custody.

Can we perform verification without Veridy?

In theory, yes—but it’s expensive, time-consuming, and risky. Compliance requires segregation of duties, so verification must be independent of asset managers. Veridy provides this oversight using purpose-built software and a proven two-key reconciliation method—something difficult and costly to replicate in-house.

How does Veridy support compliance?

Veridy creates detailed audit trails, confirms proper data destruction, and tracks assets transparently—helping organizations meet SEC, HIPAA, GDPR, CCPA, and other regulatory requirements.

Does Veridy work with our ITAD vendor?

Yes. Veridy integrates seamlessly with existing ITAD workflows, adding independent verification without disrupting established processes.

How long does verification take?

Most verifications are completed within a few hours.

How do we purchase Veridy?

Veridy is available only through authorized ITAD vendors trained in defensible disposition.

What does Veridy cost?

Veridy doesn’t set pricing. Authorized ITAD vendors offer verification, and costs vary by project. Contact your vendor directly. If your vendor isn’t authorized, see the list here: veridy.com/directory.

Have more questions?

We’re here to help. Contact us anytime at support@veridy.com or by completing the form below.