You and your organisation have an obligation under the GDPR to ensure irreversible, safe destruction of any data forms once their use and retention period have expired. This is to protect unlawful and or unauthorised access to such data. This obligation doesn’t only apply to live data but any data whether it be your own or other peoples which is stored on decommissioned IT hardware.
Theft and sale of stolen and or misplaced data which is used for illegal purposes is becoming highly lucrative and is a fast growing sector of the black market. Sophisticated criminals are using expert knowledge to steal valuable information. One of the major areas such criminals prey on is accessing data on broken or disposed of IT hardware. Don’t assume that because an IT item is broken it is data safe because you are more often than not terribly wrong. The only data safe option once an item is broken is to undertake destruction by a certified and approved method.
To be compliant with the GDPR when it comes to IT disposal doesn’t have to be difficult and costly. Revive IT provide full scale decommissioning, secure logistics, asset logging / reporting, onsite and offsite data destruction along with full consultation and advice at each stage. The whole service is provided free of charge but if your IT hardware retains value, we recommend using our IT remarketing service where we will resell your hardware and return the residual value back to you.
We have put together a simple checklist to help you protect your business and yourself.