Note: Legal information is not legal advice. Contoural provides information pertaining to business, compliance, and litigation trends and issues for educational and planning purposes. Contoural and its consultants do not provide legal advice. Readers should consult with competent legal counsel.

What is Your Policy for Data in Retirement

Data management demands are increasing even as organizations initiate improved practices. While many have developed standards for the creation, movement, and storage of data, attention is turning to the critical area of deletion. Data growth, legal and regulatory requirements, and security concerns have forced us to examine how and when data can be deleted. How information technology-driven organizations deal with their data in retirement can prove critical. From concerns about ever-growing data storage requirements to excess spending on e-discovery and business critical information, the ability to delete data has never been as important as it is today. Whether considering end-user, data center, or even telecommunications and office equipment, it must be retired in an economical, ecological, and secure fashion. Poor sanitization practices could allow information to be recovered fromretired storage devices, posing serious legal and financial penalties for those involved.

Information must be protected in this age of identity theft, and every type of organization is vulnerable. Even data not protected by privacy regulations must be kept confidential to preserve a positive public image, prevent legal jeopardy, and simply for maintaining the trust of clients. The laws that do existoften call for widespread notification of security breaches that can cause serious harm to reputation and customer confidence. Triggers for these notifications are tied to the "loss of custody" of the data, either unintentionally or as part of the retirement of media that once stored this data. All lost data is subject to the same risks and compliance requirements.

As organizations begin to face the challenge of data in retirement, they must implement a layered approach to data security to ensure that data is deleted completely, actions are audited and logged, and equipment is retired in accordance to policies. As management practices improve, another benefit can be realized as well: Equipment can be remarketed for value providing it with a second life and thus maximizing the benefit to the environment. This value often offsets the cost of disposal, making the realization of a data in retirement strategy a net positive for the business.

Request White Paper