The GDPR (General Data Protection Regulation) is a welcome replacement for the Data Protection Act.
The GDPR (General Data Protection Regulation) is a welcome replacement for the Data Protection Act. Our digital age of mass storage has moved so fast it has left the current DPA a little outdated.
As with most organisations, personal data has to be processed and stored. Responsibility for this data falls with the data controller within the organisation.
Under current legislation, the data controller is responsible for the organisations data. This applies to data that is no longer live or in use and has been disposed of. With fines for data breach being so stringent the importance of using Oden to handle secure data erasure or data destruction has never been so high.
The ICO (Information Commissioners Office) governs the protection of data. Data breach should be of concern as fines of up to £17.7 million, or 4% of the company in question last year annual Global turnover, whichever is higher!
Below is just one extract from the GDRP, demonstrating the importance of a closed loop asset retirement process:
Right to be forgotten/erasure: The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies: (e) the data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject. (article 17, Right to erasure, page 107).
Data destruction can be very difficult to prove without data erasure certificate or physical destruction certificate.
We can't be responsible for your data when it is live, but we are the trusted partner you can rely on when you decommission IT assets and data-bearing devices.