The regular erasure of personal data is one of the basics of data protection compliance. Especially for companies with a large amount of data and an IT infrastructure that has grown over the years, data protection-compliant erasure is a considerable challenge. It is not sufficient to erase personal data at the request of the data subject. The General Data Protection Regulation (GDPR) requires storage limitation and thus regular erasure. Failure to erase personal data can result in severe fines or claims for damages. In addition, old data that are ripe for erasure jeopardise data quality and thus become an obstacle to the data-driven digitalisation of a company. The larger the data stock, the greater the risk that data protection breaches or IT security incidents will result in fines and/or claims for damages.
In this whitepaper, Stefan Hessel and Christina Kiefer explain the procedure for data protection-compliant deletion and show, among other things, what the consequences are for violations.
You can download the full whitepaper here.
back