What Are You Doing With Your Old Data?

As businesses accumulate more and more data, the chances are that a lot of this data becomes old, inaccurate, inactive, stale, or just plain not needed.  The recent data breach at Adobe™ is a good lesson in why we should have specific procedures in place to delete data we no longer need.  Adobe has offered free credit monitoring for hacked active accounts, and reset the passwords of inactive accounts.  If you are the owner of an inactive account, wouldn’t you have preferred that your information be deleted?  Wouldn’t it have been even better if your data was not subject to being hacked in the first place because your long inactive account had been deleted?

As a business, you can minimize risk by deleting data.  If you are hacked, or even if a data breach is caused by a negligent employee, the less data available, the smaller your potential exposure.  In certain industries, such as healthcare, there are specific laws that govern how long you must keep certain information.  Regardless of your industry, you should develop a policy for data retention and deletion, comply with any applicable laws, and don’t be a data pack rat!

By: Rich Sheinis, Esq.

Leave a comment