A quick guide to ethical data destruction

The data lifecycle starts with the capture of data and ends with the destruction of data. In this article, we look at why planning for data destruction is such an important part of ethical and responsible data management.

What is data destruction?

Data destruction is included as a form of data processing under UK General Data Protection Regulation (GDPR). When it comes to destroying data, GDPR gives people the option to have their personal data deleted. It also requires that data is kept for no longer than necessary and is handled in a way that prevents unlawful or unauthorised processing. For these reasons, organisations must have robust data destruction policies. 

Minimising the amount of data you store and for how long is the best practice for protecting privacy and lessening the impact of any future data breaches. Data destruction methods should be permanent and irreversible for physical and digital data and information.

Be clear at the start 

Establishing user expectations around data is crucial. Before a user opts in to sharing their data, they should be informed of the following things: when their data is being collected, the purpose for collecting the data, how long that data will be held and when (or if) it will be destroyed. Familiarise yourself with data collection ethics and ethical data storage from the outset.

Ask yourself:

Have you clarified how long any data will be used and when/if it will be destroyed before receiving user consent?

Meeting data destruction expectations

Planning is essential to ensuring there are no disruptions to destroying the data by the required date. It’s important to consider that different types of data will have different methods of storage. There may also be different levels of security for the data, or there may be other requirements that will need to be satisfied so the data can be destroyed. If organisations don't purge data properly, the danger is that there may be traces of information left behind that no longer have protection.

Ask yourself:

• Have you established expectations and timeframes that you can meet to get maximum value from data before it’s destroyed?
• Have you got the relevant policies in place to destroy all types of physical and/or digital data effectively and permanently?

Regularly review 

A final part of any data destruction policy should include procedures for routinely checking archives. This is to make sure there are no traces of purged data or data that is no longer useful and could be destroyed. 

Reviewing databases for existing but irrelevant data benefits an organisation in multiple ways. Regular review of data prevents you from exceeding data deletion requirements and reduces the impact of potential data breaches. It also helps with the user experience because reducing the volume of stored data makes it easier for the user to find, search and interrogate data. 

Ask yourself:

• Do you currently have old data that could, or should, be destroyed?
• What is the need and purpose for retaining data? 

Three key actions

• Stop disposing of sensitive data through file deletion, disk formatting, and “one way” encryption. These leave the majority of the data intact and able to be retrieved with the right tools.
• Create formal, documented processes for data destruction within your organisation and require that partner organisations do the same.
• Review and purge your databases of any expired or old data.

If you’re interested in the work we do with data, get in touch with our data team.