EOL IT Services has now merged with tier1 Asset Management Ltd

GDPR & Data Destruction: What You Need To Know

by | May 15, 2018 | IT Security, News

The implementation of the GDPR is fast approaching, and the new regulation will change the way in which all businesses collect, store and dispose of their data from 25th May 2018. In order to avoid hefty fines and damages to reputation, businesses will need to ensure complete compliance throughout the entire lifespan of any of its data. To help your business ensure GDPR compliance, we have put together a guide of everything you need to know about data destruction under the new GDPR.

Fines Are Increasing

One of the most significant changes that the GDPR will bring is financial. Businesses who fail to comply, or who fall victim to a data breach through a lack of compliance, will be required to pay fines of up to €20 million or 4% of the businesses’ annual turnover – a significant increase on the fines imposed under the current Data Protection Act. This means that data destruction needs to be secure and efficient, to the point of eliminating the risk of redundant data being recovered by the wrong person.

Documentation is Key

One of the key changes for data destruction under the GDPR is that businesses will be obliged to document the process of destruction much more thoroughly than in the past. Not only will businesses be expected to record exactly what data is stored on which devices, they are also expected to keep a record of what happens to that data throughout the entirety of its lifespan, including its destruction. Under the new regulation, businesses should be able to maintain a chain of custody that proves the whereabouts and ownership of the data, as well as a certificate of destruction to prove that it has been effectively destroyed.

Data Controllers and Processors Are Liable

Under the GDPR, both data controllers and data processors are liable for the security of data. This means that, even if you entrust an ITAD company to destroy your data and data storing devices, you will still be held accountable should a data breach occur. For this reason, it is important that you select a reputable and accredited ITAD provider who will take the same approach to data disposal as you would.

Employees Need Educating

It is vital that all employees, regardless of the nature of the data they interact with, are fully aware of the implementation of the GDPR and how they might change their approach to the security of data destruction accordingly. Not only should you educate your employees as to the financial implications of a breach, you should also make them aware of the impact it can have on their, your business’ and your clients’ privacy. Offering regular GDPR compliance workshops can also be a useful way of getting employees to demonstrate their knowledge, and gives them the opportunity to ask any questions about a specific area of data destruction.

While ensuring GDPR compliance when it comes to data destruction might seem daunting, it also offers you the opportunity to heighten data security for your business, employees and clients, allowing you to offer a better and safer service overall.

With over 25 years industry experience, tier1 are proud to be the UK’s most accredited ITAD supplier. We possess the skills, accreditations and experience to handle our clients’ data with the care they deserve, and to dispose of it responsibility and legally.

Contact us today on 0161 777 1000 or visit https://www.tier1.com to find out how we can help you dispose of your data safely and reliably.


Recent Stories

What Do Refurbished Technology Grades Mean?

What Do Refurbished Technology Grades Mean?

As enterprises strive to balance their sustainability targets and a limited financial budget with the technology requirements of the business, an increasing number of CIOs are taking a circular approach to IT procurement. Our ‘take, make, dispose’ culture has had a...

7 Questions to Ask Your ITAD Supplier.

7 Questions to Ask Your ITAD Supplier.

The growth of the cloud, the emergence of hybrid working and remote collaboration along with the soaring quantities of data-rich Internet of Things devices means that IT asset disposition no longer solely concerns the disposal of end of life IT assets. Today’s ITAD...

Are Unintentional Cyber-attackers Risking your Data Security?

Are Unintentional Cyber-attackers Risking your Data Security?

As we learnt during the last couple of years, for the cyber-criminals, a crisis merely presents an opportunity. In 2020, malware attacks rose by 358% and in the first quarter of 2022, Russia experienced nearly 3.6 million data breaches, an 11% increase*. Cyber-attacks...