Piecing it together: Compliant Data Destruction in the new world
White Paper, May 2020
There is no one body of law that governs all aspects of data privacy and data destruction. Organizations must look to the various laws and regulations that impact this process and ensure they have a compliant process in place.
Like pieces of a puzzle, organizations must navigate the various bodies of law and regulation to understand their obligations in this new environment.
Analyzing the various laws and regulations that make up this regulatory tsunami brings to light the foundation of a compliant data destruction process.
Organizations must:
| Requirement | Regulatory Source |
|---|---|
| Always maintain control of data | GDPR, EO 13800, NIST, CCPA, LGPD |
| Digitally track data (must account for it within 72 hours) | GDPR, LGPD |
| Institute risk-averse processes and a Cyber Security Framework | EO 13800, NIST, CCPA, LGPD |
| Ensure third-party certification | EO 13800, NIST, CCPA |
| Track, Contain, Dispose, Document, Verify | EO 13800, NIST, CCPA |
| Media sanitization dual authorization (sanitizer and verifier) | EO 13800, NIST |
| Destroy within the organization's own four walls | GDPR, EO 13800, NIST, CCPA, LGPD |