What to do with the old devices? How to deal with them?
GDPR – How to deal with end of life data storage devices
With the fast approaching deadline of the new GDPR regulation, more and more questions are being asked. Despite the uncertainty of the moment, one thing needs to happen, we must change the way that we look at our data from a company perspective and from a consumer point of view. Most of the talks about the GDPR tend to concentrate on the devices and data that are in use in now. Another crucial point is the end of data storage devices. What to do with the old devices? How to deal with them?
The GDPR coalition recently published a guide orientating companies how to deal with this future issue. Here we summarised the main highlights.
Step 1 - Equipment at risk
Which kind of equipment might be in this category? Hard drives, solid drives, smartphones, tablets, USB drivers and electronic security badges. All equipment must be treated carefully once they are not in use anymore.
Step 2 – Time to review the risk
The action to be taken now is to assess your/clients’ current disposal policy and audit across the company as to what happens to end of life data storage equipment today.
Step 3 – Cloud included
All data counts, even if is no allocated in your company, you are responsible for it. If the data is stored on cloud services, you need to find out what disposal processes your/client’s service provider adheres to for their end of life server hard drives.
Step 4 – Destroy effectively
The only and safest way of ensuring 100% of your data is destroyed is to physically shred or disintegrate devices down to EU DIN security level standards.
Step 5 – Solution options
A destruction process can be carried out internally by using specialist shredding equipment, depending on the amount and frequency of data that you need to destroy. You can also hire an approved third-party data destruction company to do it for you.
Last, but not least
You must ensure that the ‘chain of custody’ of your data is not compromised by failing to control fully the data destruction process.
Preparation is key
With these new rules coming into place in May next year, companies need to be prepared to hit the ground running. New Horizons Ireland has the training courses needed to get your staff in a position of confidence in relation to the new regulations.
GDPR Certifications
Certified Information Privacy Professional
|
 |
The “what” of privacy, and why you need it.
- Legal
- Compliance
- Information Management
- Data Governance
- Human Resources
|
Duration: 2 days
Includes:
- Exam
- IAPP membership
- Official training
|
|
View outline
|
Certified Information Privacy Manager
|
 |
The “how” of privacy operations, and why you need it.
- Risk Management
- Privacy Operations
- Accountability
- Audit
- Privacy Analytics
|
Duration: 2 days
Includes:
- Exam
- IAPP membership
- Official training
|
|
View outline
|
Certified Information Privacy Technologist
|
 |
The “how” of privacy and technology, and why you need it.
- Information Technology
- Information Security
- Software Engineering
- Privacy by Design
|
Duration: 2 days
Includes:
- Exam
- IAPP membership
- Official training
|
|
View outline
|
Other Popular GDPR courses
The GDPR Primer for Data Protection Officers
2 Days
- The social, historical and legal background leading to the general data protection regulation (GDPR)
- Principle one: the criteria governing fair, open and transparent processing of personal data
- The role of the data protection officer (DPO)
- The remedies, liabilities and penalties available under the gdpr
- Provisions for specific processing situations
- Preparing for implementation of the GDPR
Outline and course dates
Watch our webinar
GDPR, IAPP Training and Certification: What you haven’t heard, and why you need to hear it before May 25th 2018
DATE: 02/15/2018
TIME: 5:00 am PST / 8:00 am EST / 1:00 pm GMT
PRESENTER: Paul Jordan, Managing Director, Europe - IAPP
Most know that GDPR is taking effect on May 25th 2018 which requires organizations to prepare technology, processes and people towards gaining compliance. Due to this EU regulation there has been a recent surge of training solutions that have become available in the marketplace. Unfortunately many make claims that their training will make your organization GDPR compliant which is not possible. To help decipher how to best prepare your organization for GDPR compliance, we have enlisted the help of the world’s largest data privacy certification and membership organization, International Association of Privacy Professionals (IAPP). Paul Jordan, Managing Director – Europe IAPP, will provide clarity on why privacy and security sit on opposite sides of the front door to an organization, and how GDPR will impact organizations, people, technology and processes all over the world. Mr. Jordan will also will explain how IAPP’s ISO certified training, certifications and membership sets itself apart from other solutions. Do not miss this exceptional opportunity to hear the latest from Mr. Jordan while having the opportunity to ask questions how best to prepare your organization for GDPR and longer term data privacy needs.
Watch Now
Subscribe for more!
Never miss another free webinar. Get all the latest cheat sheets. Be informed about our complimentary training. Subscribe to our Newsletter now and and never miss out again!
Subscribe now