RETENTION AND DELETION POLICIES
Delete data that is no longer required. It sounds simple, but it’s one of the most challenging areas of privacy compliance. Knowing what to delete and when is something many organisations struggle with. It’s a tempting and easy option to keep everything. But allowing old data to accumulate poses a growing risk to an organisation.
Retaining data sounds like the safe approach. In fact, it’s one of the biggest risks to organizations arising from accidental disclosures and unauthorized access. The key is knowing when a piece of personal information is no longer required and how to navigate other laws, such as financial recordkeeping rules, that mandate certain data be kept. Waltzer is able to create and manage your retention policies – the ground rules for what to keep and what to delete. We can also guide you on implementing the rules in your IT systems.
When done properly, a retention policy is an effective way to minimize data breaches and keep your risk profile as low as possible. After all, you can’t lose what you don’t have.