Data deletion from memory devices HARD DISK, SSD, USB, RAID – GDPR READY GDPR 2016/679
(100% compliant with regulation 2016/679)
It is mandatory for every company or professional firm to securely and certifiably delete data present on every PC, notebook, printer and any other device with memory units that is:
DECOMMISSIONED – SCRAPPED – DONATED – OTHER USE
Simple physical destruction of the disk or low-level formatting can theoretically ensure definitive data loss, but from a legal standpoint only certification of completed deletion represents the exonerating element when it becomes necessary to demonstrate that data has been permanently removed.
The risk of failing to delete data from a memory device no longer in use exposes the device owner to the risk of fines for non-compliance with GDPR regulations or potential compensation claims from the data subject (i.e., the person whose data remained on the memory unit without justification).
The service for certified deletion of data contained on hard disks, USB drives, memory of all types including external memory of mobile devices smartphones/tablets is a mandatory service indicated by GDPR regulations in the following articles:
- Art. 4 of GDPR 2016/679
In the definition of “processing” are included the erasure or destruction of data. - Art. 5 of GDPR 2016/679
It specifies that data must be kept for a period of time not exceeding the achievement of the purposes for which they are processed. - Art. 17 of GDPR 2016/679
It requires the use of certified removal systems to remove them permanently in compliance with their Privacy (right to be forgotten).
The Privacy Authority has defined data deletion procedures with Provision of October 13, 2008 (Official Gazette no. 287 of December 9, 2008) “Waste electrical and electronic equipment (WEEE) and personal data security measures”.
The applied method complies with what is indicated in Annex A, paragraph 3 of the Authority’s provision:
Technical measures for secure data deletion, applicable to electronic or computer devices:
Secure deletion of information, achievable with computer programs (such as wiping programs or file shredders) that, once the user has deleted files from a disk drive or similar storage media using the normal tools provided by different operating systems, repeatedly write random sequences of binary digits (zero and one) in the empty areas of the disk (previously occupied by the deleted information) to minimize the probability of information recovery even through electronic data analysis and recovery tools.
