GDPR specialist warns advisers against 'hammering' PCs to delete data

| Author: Tony Imossi (Secretariat) | Filed under: General News
GDPR specialist warns advisers against 'hammering' PCs to delete data

A GDPR expert has warned against simply taking a hammer to an old computer in an attempt to clear it of data, suggesting instead that a specialist's 'shredder' would be a more appropriate approach.

Speaking on the Compliance and Training Solutions (CATS) and Astrid webinar on 26 September, Astrid managing director and General Data Protection Regulation (GDPR) specialist Gerrard Fisher advised listeners against beating a machine with a hammer to clear it of important data.

Fisher suggested, if advisers were seeking to destroy data, it would instead be better to go to specialist, where they would likely use a specialist shredder and give the adviser a certificate proving the hardware had been destroyed.

"If you are going to get data destroyed, you want to get it done in a recognised way with a certificate of destruction," he added.

MiFID II and GDPR cause advisers biggest headaches

"Specialists will not be doing that with a hammer - they normally pass it through a 3mm shredder, so it comes out like a dust, and then you get a certificate saying, ‘yes, we put the hard drive in the shredder'. As a business, having that evidence to say it was definitely eradicated or destroyed - that is the evidence you need."

GDPR is European legislation designed to give citizens more control over their data. For advisers, this means they are obligated to keep client data safe indefinitely. The regulation came into effect on 25 May 2018 and is considered a big challenge facing advisers.

Don't Format - Overwrite

If a business instead wanted to sell on used hardware that contained data, Fisher again recommended taking the machine to a specialist to enable them to remove the data efficiently.

He likened improperly deleting or formatting a computer to removing a house number from a house - no-one knows the house number anymore, but they still know it is there, and it can still be burgled. He also warned software could be bought inexpensively from the dark web that discovers so-called 'deleted' files on computers.

A specialist, Fisher explained, would overwrite the existing data repeatedly with random data, however, so it became almost impossible to find the original data that required protecting.

Again, he said, a business owner should ensure they are given a certificate after going through that process, and would then be safe to do what they like with their hardware.

Source: Professional Advisor

Working with the Law Society

The ABI is the only association in this industry to be recognised by the Law Society of England and Wales, and included in the Law Society of Scotland's approved Supplier Scheme.

The highest independent professional bodies for solicitors put their trust in us. We’re confident you can do the same.

The ABI other partners also recognise the value of affiliation to the principal professional body in the investigation and litigation support sector:

COURTSDESK SEARCHER is an on-demand search for court cases, or parties involved in court cases, in England and Wales and the Republic of Ireland.
Scotland Law Society logo
Professional Indemnity Insurance
Thank you, your message has been sent.
A member of our team will be in touch shortly.