Peer to Peer: ILTA's Quarterly Magazine
Issue link: https://epubs.iltanet.org/i/1530716
67 I L T A N E T . O R G CONCLUSION Periodic and secure disposal of unnecessary data is essential for reducing data risk and ensuring compliance with privacy and cybersecurity regulations. Although this may initially appear daunting and resource-intensive, prioritizing high-risk data and using leading software solutions can significantly reduce the time and effort involved while effectively mitigating risks to the organization. ILTA S T E P 3 Dispose of Unnecessary High-Risk Data Once unnecessary data is identified, organizations can begin to dispose of it. Organizations can significantly reduce risk while minimizing the workload on their employees by starting with disposing of high-risk data, such as sensitive personal information. Sensitive personal data is any data likely to cause significant harm to an individual if it were processed illegally. Examples include: • Credit card numbers • Social Security numbers • Information about job performance or criminal records During the disposal process, organizations should document key details, including: • The rationale for deletion, such as expired retention periods. • Detailed records of the disposition, including certificates of destruction and logs of the deletion process. This documentation is essential for audits, litigation, and regulatory compliance. Moreover, to safely comply with the disposition requirements in applicable privacy and cybersecurity laws, organizations should consider disposing of this data using the techniques outlined in the 'Methods that Comply with Data Disposition Requirements' section above. FAHAD DIWAN is the Director of Product Management (Privacy and Data Governance) at Exterro. He holds a J.D. and a B.C.L. from McGill's Faculty of Law and an Accounting and Finance degree from Concordia University. Fahad is a Fellow of Information Privacy with CIPP/C and CIPP/M designations from the International Association of Privacy Professionals. Fahad creates software solutions that automate privacy compliance, as well as AI and data governance tasks, like data discovery, assessments manager, data retention, data subject rights request, and consent management. ANAMIKA KUMAR is a seasoned content and PR professional at Exterro, overseeing and driving impactful projects across South Asia while contributing to global initiatives. She specializes in thought leadership con- tent and strategic PR campaigns that elevate brand visibility and foster meaningful engagement with diverse audiences. Anamika brings a keen eye for storytelling and a passion for crafting narratives that resonate on a global scale. Outside of work, she enjoys spending time with animals and embarking on new adventures, always seeking inspiration from the world around her. FEATURES