reusch­law White­pa­per: Con­cepts for data era­su­re and how to imple­ment them

The regu­lar era­su­re of per­so­nal data is one of the basics of data pro­tec­tion com­pli­ance. Espe­ci­al­ly for com­pa­nies with a lar­ge amount of data and an IT infra­struc­tu­re that has grown over the years, data protection-compliant era­su­re is a con­sidera­ble chall­enge. It is not suf­fi­ci­ent to era­se per­so­nal data at the request of the data sub­ject. The Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) requi­res sto­rage limi­ta­ti­on and thus regu­lar era­su­re. Fail­ure to era­se per­so­nal data can result in seve­re fines or claims for dama­ges. In addi­ti­on, old data that are ripe for era­su­re jeo­par­di­se data qua­li­ty and thus beco­me an obs­ta­cle to the data-driven digi­ta­li­sa­ti­on of a com­pa­ny. The lar­ger the data stock, the grea­ter the risk that data pro­tec­tion brea­ches or IT secu­ri­ty inci­dents will result in fines and/or claims for damages.

In this white­pa­per, Ste­fan Hes­sel and Chris­ti­na Kie­fer explain the pro­ce­du­re for data protection-compliant dele­ti­on and show, among other things, what the con­se­quen­ces are for violations.

You can down­load the full white­pa­per here.


Stay up-to-date

We use your email address exclusively for sending our newsletter. You have the right to revoke your consent at any time with effect for the future. For further information, please refer to our privacy policy.