PRIV-9 Data Erasure Request


What is this control about?

Implementing the control ‘Data Erasure Request’ is important because it ensures that organizations comply with data privacy regulations and protect individuals’ rights to have their personal data deleted when requested. Data erasure, also known as the right to be forgotten, is a fundamental aspect of data protection laws such as the General Data Protection Regulation (GDPR) and other privacy frameworks worldwide.

By providing individuals with the ability to request the deletion of their personal data, organizations demonstrate their commitment to respecting data subjects’ autonomy and privacy preferences. When individuals exercise their data erasure rights, organizations must promptly and securely delete all personal data related to that individual from their systems, databases, and backups.

Available tools in the marketplace

Tools:

Available templates

TrustCloud has a curated list of internally or externally sourced templates to help you get started. Click on the link for a downloadable version:

Control implementation

Here are some guidelines to implement a Data Erasure program:

  • Establish a Data Erasure Policy: Develop a clear and comprehensive data erasure policy that outlines the process for handling data erasure requests. This policy should include details on how individuals can submit requests, the information required to verify their identity, the timeframe for responding to requests, and the procedures for securely erasing data.
  • Create a Data Erasure Request Process: Set up a formal process for handling data erasure requests. This process should include designated points of contact for receiving requests, methods of submission (e.g., email, web form), and a standardized request form. Ensure that the process aligns with the data erasure policy and complies with relevant regulations.
  • Verify Requestor’s Identity: Establish a robust method for verifying the identity of individuals making data erasure requests. This may involve asking for specific identification documents or using multi-factor authentication to ensure the legitimacy of the requestor.
  • Assess Data Erasure Scope: Review the data erasure requests to determine the scope and extent of the data that needs to be erased. Locate all relevant data repositories, including databases, file systems, backup tapes, and cloud storage, where the individual’s data may reside.
  • Execute Secure Data Erasure: Implement a secure and reliable data erasure method to remove the requested data permanently from all identified locations. This process should be performed in a way that makes the data irretrievable and complies with data privacy regulations.
  • Document Data Erasure Process: Maintain detailed records of each data erasure request and the corresponding actions taken to fulfill the request. This documentation should include information about the requestor, verification process, date of the request, data erasure method used, and confirmation of completion.
  • Retain Audit Trail: Keep an audit trail of data erasure requests and their outcomes for internal and regulatory purposes. The audit trail should be readily available for review during audits and compliance assessments.
  • Training and Awareness: Provide training to relevant personnel involved in handling data erasure requests, ensuring they understand the importance of compliance, privacy, and security. Raise awareness among employees and data subjects about their rights and the process for submitting data erasure requests.

What evidence do auditors look for?

At a minimum, most auditors look for the following suggested actions:

  • Data erasure policy
  • Data erasure request form
  • Data erasure records (example of a request)

Evidence example

An example is provided below for each suggested action:

  • Data erasure policy: Use the Data Disposal Policy available within TrustCloud.
  • Data erasure request form: Use Right to Erasure Request Form Template.
  • Data erasure records (example of a request): This will be a completed form along with the response and completion of data deletion.
