.webp)
What does the law state?
De Algemene verordening gegevensbescherming (AVG) is de nieuwe Europese privacywet die aangeeft dat jouw organisatie haar gegevens dient te beschermen. Zij eist van organisaties dat er maatregelen genomen worden om de persoonsgegevens van haar klanten en werknemers te beschermen. Hierbij gaat het om data die op hardware staat en niet wordt gebruikt, maar ook om papieren informatie zoals vertrouwelijke documenten. De wet stelt namelijk, dat de data die niet langer ‘nodig’ is vernietigd dient te worden.
Why destroy data?
De voornaamste reden om data te vernietigen is om hiermee datalekken te voorkomen. Het voorkomen van datalekken is onderdeel van normen zoals de ISO 27001 en NEN 7510.
Een datalek houdt in dat onbevoegde personen, wat ook hackers kunnen zijn, toegang krijgen tot klantgegevens of geheime bedrijfsgegevens. Hierbij kan het ook gaan om een papieren dossier dat bijvoorbeeld niet meer nodig is: de informatie hoeft dus niet perse digitaal te staan. Een persoon met kwade bedoelingen kan in zowel papieren informatie als ongebruikte datadragers data vinden en deze voor kwade doeleinden gebruiken.
A data breach can lead to business continuity breaches, reputation damage and financial losses. By destroying your data in a timely manner, you reduce the risk of data breaches and do your utmost to protect the privacy of your staff, customers and suppliers.
What do you need to destroy as an organization?
As an organization, you must destroy all unused information-bearing hardware and paper files. Examples include: hard drives, USB sticks, old servers or confidential information. The data must be permanently deleted, also known as making it unreadable. To destroy paper information, you can use a paper shredder that makes all data unreadable. For hardware, you have the choice of software-based data destruction and/or hardware-based data destruction. This way, as an organization, you can be sure that your data has been destroyed!
Software-based data destruction is the overwriting of data through software. This completely overwrites the data on the data carrier and the data can no longer be retrieved. The advantage of this is that the data carriers can provide a residual value for your organization. For example, you may even make money from it. In addition, the organization receives a certificate for software-based data destruction.
Hardware-based data destruction is the shredding of data carriers by means of a shredder. In shredding, the data carrier is ground until there is nothing left but shreds. This destroys the data completely. These shreds can then be recycled.
How can your organization destroy data?
You can destroy your data in different ways. As an organization, you can destroy paper documents with a paper shredder. However, this paper shredder must meet a number of requirements. We are happy to go through these requirements with you. We also offer solutions for shredding hardware.
Do you want to know how to safeguard your reputation and integrity? If so, we at Fendix are happy to think with you about how to destroy your organization's data and prevent a data breach, because prevention is better than cure!
