100% destruction: Nothing less is good enough
Every area of government comes with its own risk
You could be in law enforcement or defence, healthcare or education – no matter what area of government you’re in, the consequences of a data security breach arising from insecure disposal of end-of-life disks are grave. Of course, the scale of damage varies according to the grade of data (Top Secret, Secret and so on) and whether it’s at a federal or state level. Suffice to say that the highest levels of data sensitivity call for the highest level of security – up to and including secure destruction.
Fault or no fault – you could be vulnerable
In any event the damage resulting from information falling into the wrong hands can be far-reaching and life-changing for individual citizens – not to mention for your organisation, even your career. Just think of the implications: when a single 1-terrabyte disk, for instance, could contain addresses of the entire Australian population, you really can’t afford to take any chances.
Fault or no fault, you’re doubly vulnerable to legal action because a government institution simply can’t be seen to shirk its moral and legal responsibilities.
APP, GDPR, PSPF and Data Destruction
Furthermore, as with all legislation, when it comes to a Notifiable Data Breach no one’s above the law – and government bodies are no exception. The financial penalties alone are daunting enough (up to $1.8 million). The ultimate costs of immediate and consequential damage in terms of people’s lives, your own career and institutions’ loss of public trust and respect are incalculable.
These responsibilities, in international laws such as GDPR and domestic ones such as PSPF (the government’s Protective Security Policy Framework), are not new. They are, however, more clearly defined, reinforced and enforced – so it is vital to understand how to grade and qualify the level of data you hold and to develop a coherent and compliant ITAD (IT Asset Disposal) policy.
In short, nothing short of total control of your data’s chain of custody and nothing short of 100% destruction is enough for your peace of mind.
As part of a specialist AVTEL Global Security Management group, we have data security in our corporate DNA. So, there is no one better placed to provide guidance not only on regulatory compliance but also on your wider IT Asset Management and Disposition procedures and protocols – as well as to deliver tailored destruction solutions.