Data Destruction
1. Overview
Personal data in manual (paper-based) format, and the technology equipment on which such data is stored in electronic (automated) format, cannot simply be thrown away. Proper disposal of equipment is both environmentally responsible and required by law.
Paper files, hard drives, USB drives, CD-ROMs and other storage media contain various kinds of flowprofiler® Global Ltd data, some of which is considered both commercially and personally sensitive. In order to protect the data, all storage mediums must be properly disposed of. Electronic media should also be ‘wiped’ prior to being appropriately destroyed, to remove any risk that confidential or sensitive data remains retrievable.
However, simply deleting or even formatting data is not considered sufficient. When deleting files or formatting a device, data is marked for deletion, but is still accessible until being overwritten by a new file. Therefore, special tools must be used to securely erase data prior to equipment disposal.
flowprofiler® Global Ltd is aware of its obligations under the GDPR to retain personal data in a safe and secure manner for as long as necessary, and to then dispose of such data in an appropriate manner.
This Data Destruction Policy outlines flowprofiler® Global Ltd’s approach to fulfilling such obligations.
2. Purpose
This policy has been developed to define the requirements for proper disposal of manual and electronic data at flowprofiler® Global Ltd.
3. Scope
This policy applies to all personal data held by flowprofiler® Global Ltd in both manual and electronic formats.
4. Policy
4.1 Manual Data Disposal
- flowprofiler® Global Ltd will schedule a regular review of its retention of manual records, and will schedule timely destruction of paper-based records where retention has exceeded flowprofiler® Global Ltd’s operational requirements and Regulatory obligations.
- These manual records will be collected and stored in a secure environment, prior to destruction;
- flowprofiler® Global Ltd will make paper cross-cut shredders available within the organisation in order to dispose of paper records which have no, or short-term retention periods – this may include (but are not limited to) general office correspondence, hand-written notes used prior to transcription, copies of documents which might have been used for short-term cross-reference, etc.
- Staff will be trained and aware of their obligation to shred such material using these in-house shredders.
- For the bulk disposal of paper records for which there is a medium- to long-term retention obligation, flowprofiler® Global Ltd will appoint an appropriately specialised third party to process the act of destruction of these records, using approved and recognised industry standard methods;
- The third party will be required to sign an appropriate Data Processor contract, as per requirements from [the appropriate legislation];
- This third party will be required to security vet all staff involved in the process of data destruction, to BS:7858 Security screening of individuals employed in a security environment. Code of Practice standard, including (where appropriate) police-based security clearance;
- In order to minimise the risk of inadvertent loss or disclosure, all manual records due for destruction should be shredded as soon as possible once their retention has exceeded the respective retention obligation;
- The following steps will be required for the effective destruction of manual data:
- Collation of the paper records to a designated and secure flowprofiler® Global Ltd site;
- Ensure the third party takes full responsibility for the collection and (where necessary) removal of the records from the designated flowprofiler® Global Ltd site;
- Ensure the third party tags all equipment prior to destruction;
- Ensure the third party provides a sufficient number of personnel to ensure that the records can be removed and shredded as quickly, efficiently and securely as possible;
- Ensure the third party records some level of inventory of the paper records on site, prior to commencement of the destruction process;
- All records to be placed in secure bags or cartons, prior to loading on to a vehicle for on-site destruction, or transport to a remote site for same;
- The appointment of appropriate flowprofiler® Global Ltd staff to witness the shredding/decanting of all records and the security of the vehicle and/or remote site, for the purpose intended;
- Ensure the shredding of all redundant paper records are reduced to cross-cut debris no larger than [appropriate dimensions] in surface area;
- The third party will issue an appropriate and valid Certificate of Destruction;
- The third party will be required to provide a clear documented action plan, with escalations, in the event of any major or minor incident that may impact the fulfilment of the shredding service;
- The third party will account for the environmentally-friendly disposal of the shredded materials, to the satisfaction of flowprofiler® Global Ltd, as a final phase of this destruction process.
4.2 Technology Equipment Disposal
- flowprofiler® Global Ltd will schedule a regular collection of end of life technology equipment, throughout the organisation. This equipment will be collected and stored in a secure environment, prior to destruction;
- Technology equipment included in the scope of this policy are:
- Internal Hard Drives (Physical/SSD);
- External hard Drives (Physical/SSD);
- RAM Modules;
- Tapes (DAT/DLT/LTO);
- CD/DVD/Blu-ray;
- Mobile Phones/PDAs;
- USB Sticks;
- flowprofiler® Global Ltd will appoint an appropriate third party to process the act of destruction of this equipment, using approved and recognised industry standard methods;
- The third party will be required to sign an appropriate Data Processor contract, as per requirements from the [appropriate legislation];
- The third party will be required to security vet all staff involved in the process of data destruction, to BS:7858 Security screening of individuals employed in a security environment.
- Code of Practice standard, including police based security clearance;
- All destruction must be same day;
- The following steps will be required for the effective destruction of technology equipment:
- Collection of the equipment from a designated and secure flowprofiler® Global Ltd site;
- Ensure the third party takes full responsibility for the packing and removal of equipment from the designated flowprofiler® Global Ltd site;
- Ensure the third party tags all equipment prior to destruction;
- Ensure the third party provides a sufficient number of personnel to pack and remove the equipment, so that the equipment can be removed as quickly, efficiently and safely as possible;
- Ensure the third party delivers, fills and removes full storage boxes and cages on the same day;
- Ensure the third party completes an asset registry count on site, prior to commencement;
- All equipment to be placed in security boxes and sealed, prior to loading on to a vehicle for on-site destruction, or transport to a remote site for same;
- The appointment of appropriate flowprofiler® Global Ltd staff to witness the shredding/decanting of all equipment and the security of the vehicle and/or remote site, for the purpose intended;
- Ensure the destruction of all redundant media to debris no larger than 20mm in diameter;
- The third party will issue an appropriate and valid Certificate of Destruction;
- The third party will be required to provide a clear documented action plan, with escalations, in the event of any major or minor incident that may impact the fulfilment of the service;
- The third party will account for the environmentally-friendly disposal of the shredded materials, to the satisfaction of flowprofiler® Global Ltd, as a final phase of this destruction process.
5. flowprofiler® Global Ltd ramifications
flowprofiler® Global Ltd is very much aware of its responsibilities towards the personal data within its care, whether in manual or electronic format. flowprofiler® Global Ltd is equally aware that failure to properly dispose of such data can have several negative ramifications to flowprofiler® Global Ltd, including regulatory investigations, fines and penalties, negative customer perception, reputational damage and costs associated with notifying concerned parties of data loss and/or inadvertent disclosure.
6. Definitions
BS:7858 | Standard for security screening of employees |
Certificate of Destruction | A legal document showing that all materials that have been handed over to the custody of a destruction service provider have been destroyed. |
Data Inventory | A comprehensive list of the material (whether paper-based or electronic) which is subject to destruction. |