February 27, 2009
Recently I documented my thoughts on “Deleting Data does not Purge Data“. My inclination was toward developing a policy which would formulate the “Data Destruction Policy” in our company.
We deal with confidential data all the time which is sent by clients for:
During this time, the data is passed around our highly qualified staff (who have signed a “Non-Disclosure” agreement). Many a times, we have seen the medium of transporting/transferring data is a secure channel. However some times, the channel storing/transferring confidential data could also be a “DVD”, “USB Drive” or even a “Magnetic Tape Drive”.
To safeguard the interest of our clients and our staff members, we have partnered with a “Digital Media/Data Destruction Company”. This company guarantees destruction of digital information from any external media at a nominal cost of ($15-$25) per incident.
The Data Destruction Company has signed a “Non-Disclosure” agreement. So the data/information is safe and not in unsafe hands.
Here is the process that we have set:
We have also published this process within our organization so that any staff member who believes that they have disk/data that needs to be destroyed can contact our IT staff members and take advantage of the new “Data Destruction Service”.
This is a process which has safeguarded our position with the clients and we have built a trust relationship where we respect the privacy and confidentiality of the data we receive.