What does the law state?

The General Data Protection Regulation (AVG) is the new European privacy law that states that your organization must protect its data. She requires organizations to take measures to protect the personal data of its customers and employees. This includes data that is on hardware and is not used, but also paper information such as confidential documents. Indeed, the law states that data that is no longer 'necessary' must be destroyed.

Why destroy data?

The main reason for destroying data is to prevent data leaks. Preventing data breaches is part of standards such as the ISO 27001 and NO 7510.

‍

A data breach means that unauthorized persons, including hackers, gain access to customer data or secret company information. This can also include a paper file that is no longer necessary, for example: the information does not necessarily have to be digital. A person with bad intentions can find data in both paper information and unused data carriers and use it for malicious purposes.

‍

A data breach can result in business continuity breaches, reputational damage and financial losses. By destroying your data in time, you reduce the risk of data breaches and do your utmost to protect the privacy of your staff, customers and suppliers.

What do you need to destroy as an organization?

As an organization, you must destroy all unused information-carrying hardware and paper records. Examples include: hard drives, USB sticks, old servers, or confidential information. The data must be permanently deleted, also known as making the data unreadable. To destroy paper information, you can use a paper shredder that makes all data unreadable. For hardware, you have the choice between software-based data destruction and/or hardware data destruction. This way, as an organization, you can be sure that your data has been destroyed!

‍

Software-based data destruction is the overwriting of the data by means of software. As a result, the data on the data carrier is completely exceeded and the data can no longer be found. The advantage of this is that the data carriers can provide residual value for your organization. For example, you may even have money left over. In addition, the organization receives a certificate for software data destruction.

‍

Hardware data destruction is shredding the data carriers with a shredder. When shredding, the data carrier is ground until there is nothing left but fragments. As a result, the data is completely destroyed. These scraps can then be recycled.

How can your organization destroy data?

You can destroy your data in various ways. As an organization, you can destroy paper documents with a paper shredder. However, this shredder must meet a number of requirements. We would be happy to discuss these requirements with you. We also offer the solution for shredding hardware.

‍

Do you want to know how to ensure your reputation and integrity? Then we at Fendix are happy to think along with you about how you can destroy your organization's data and prevent a data breach, because prevention is better than cure!