GDPR vs. retention requirements
The EU’s General Data Protection Regulation (GDPR) requires personal data to be deleted once it is no longer required for a specific purpose. This presents significant challenges for businesses – challenges that come with substantial risks. Breaches of the regulations can result in fines.
It’s not uncommon for data protection law to come into apparent conflict with other contractual and legal obligations. Businesses are not just bound by GDPR. For example, businesses in Germany are also required to comply with GoBD, the German tax authority’s regulations on storing, managing and accessing digital accounts, records and other documents. These regulations require certain documents to be archived in an audit-compliant format for specific periods of time.
In other words, businesses have to think about more than just GDPR: there are other specialist laws and requirements in fields like taxation that also need to be taken into account. The retention periods specified by these various obligations can sometimes contradict one another.
DIN 66398 – The “deletion concept guideline”
The net result here is that businesses urgently need to develop a comprehensive plan for both storing and deleting their data. They can use a “deletion concept” as a framework for meeting the requirements set by these various regulations.
DIN 66398 describes how businesses can put together a bespoke concept for deleting personal data in compliance with all relevant laws. This “Guideline for development of a concept for data deletion with derivation of deletion periods for personal identifiable information” was published in 2016. A project-specific first draft of this “deletion concept guideline” first appeared in 2012. This version is available here (in German). You can also find a detailed explanation of the contents of the guideline on a website (in German) maintained by the guideline’s author, Volker Hammer.
The guideline does not lay out specific regulations or deletion deadlines, since these depend on the relevant legal requirements, specific laws and associated retention periods. Rather, it describes how abstract terms and concepts can be turned into a concrete deletion concept, allowing the responsible administrator(s) to meet data protection laws and any other specialist legal requirements in full. It makes recommendations for structuring documentation and describes what is needed in order to set up and implement a deletion concept.
This approach starts with defining data types and standard deletion deadlines. Data types with the same deletion deadlines are grouped together into “deletion classes”. The deletion rules created under this concept must be documented and implemented into the business’ processes.
Deletion concepts and IT structures
The guideline does not discuss the technical particularities of data storage or how personal data should be deleted on a technical level. It is clear, however, that the question of storing, managing and deleting this data is closely linked to the IT processes used for this purpose.
Developing a deletion concept brings the opportunity to “tidy up” and optimize your IT and storage infrastructure. A software solution for data and storage management can meaningfully assist with storing and managing data, retaining it for required periods, and deleting it when appropriate.
This enables possibilities like automatically archiving and deleting data based on pre-specified rules. The parameters defined with the help of the “deletion concept guideline” can be implemented in the software used. This software will protect data against alteration or accidental deletion before the retention period expires. It will automatically delete data by the required deadline, or enable manual deletion before the deadline in accordance with pre-defined criteria.
Retention management and privileged deletion with PoINT Storage Manager
The PoINT Storage Manager is a dedicated software solution for implementing the technical requirements behind a deletion concept. The PoINT Storage Manager uses a tiered storage architecture to organize files according to pre-specified criteria. Files that are hardly ever accessed any more, but are still subject to specific retention requirements, are moved to archive storage. There, the PoINT Storage Manager uses a range of protective mechanisms such as WORM functionality: the “write once, read many” principle that prevents protected archive files against editing.
Its retention management functionality protects files against alteration or deletion for the duration of the required retention period. This allows businesses to meet the requirements set by GoBD.
Once a file’s retention period expires, it can be automatically deleted according to preset rules.
Meanwhile, the PoINT Storage Manager also enables “privileged deletion”. This functionality allows users to delete files before their retention period expires if data protection regulations require it. Such deletions are logged by PoINT Storage Manager so that administrators can still fulfill their process-documentation obligations.
Conclusion
Businesses face a range of data storage requirements that sometimes conflict with one another. A fully developed deletion concept tailored to the business’ specific requirements will let administrators meet all of these requirements in full.
Using dedicated software helps with the technical side of implementing the deletion concept. Such software will archive and delete data according to a set of parameters established in advance. The retention and deletion parameters must be designed with great care in order for the deletion concept to be implemented correctly and to fulfill all legal requirements. As a result, a software solution can help significantly reduce the workload involved in managing data in compliance with the law.