Secure Destruction Clause Samples

Secure Destruction. 2.11.1 The Data Processor shall ensure that information held in paper form regardless of whether as originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713 (BS15713 (BS 15713) The Secure Destruction of Confidential Material). The Data Processor shall ensure that electronic storage media used to hold or process Information is destroyed or overwritten to current CESG standards as defined at ▇▇▇.▇▇▇▇.▇▇▇.▇▇ 2.11.2 In the event of any bad or unusable sectors that cannot be overwritten, the Data Processor shall ensure complete and irretrievable destruction of the media itself. 2.11.3 The Data Processor shall provide the Data Controller with copies of all relevant overwriting verification reports and/or certificates of secure destruction of NHS information at the conclusion of the contract.

Secure Destruction i. NHS data is subject to legal retention periods and should not be destroyed unless the Contractor has received specific instruction to do so from the Customer. Where data has been identified for disposal: a) The Contractor shall ensure that NHS information held in paper form (regardless of whether originally provided by the Customer or printed from the Contractor's IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713. b) The Contractor shall ensure that electronic storage media used to hold or process NHS Information is destroyed or overwritten to current CESG standards as defined at ▇▇▇.▇▇▇▇.▇▇▇.▇▇ c) In the event of any bad or unusable sectors that cannot be overwritten, the Contractor shall ensure complete and irretrievable destruction of the media itself. d) The Contractor shall provide the Customer with copies of all relevant overwriting verification reports and/or certificates of secure destruction of NHS information at the conclusion of the contract.

Secure Destruction o Once the retention period expires, personal data will be securely destroyed or anonymised using approved methods, such as: ▪ Deletion from electronic systems with confirmation of permanent removal. ▪ Secure shredding or disposal of physical records. 3.

Secure Destruction. 11.1 The Data Processor shall ensure that Data held in paper form regardless of whether as originally provided by the Data Controller or printed by the Data Processor is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713. 11.2 The Data Processor shall ensure that electronic storage media used to hold or process Data is destroyed or overwritten to current CESG standards. 11.3 In the event of any bad or unusable sectors that cannot be overwritten, the Data Processor shall ensure complete and irretrievable destruction of the media itself in accordance with CESG standards. 11.4 The Data Processor shall provide the Data Controller with copies of all relevant overwriting verification reports and/or certificates of secure destruction of Data at the conclusion of the contract.

Secure Destruction. The Data Processor shall ensure that University information held in paper form regardless of whether as originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713. The Data Processor shall ensure that electronic storage media used to hold or process University Information is destroyed or overwritten to current CESG standards as defined at ▇▇▇.▇▇▇▇.▇▇▇.▇▇ In the event of any bad or unusable sectors that cannot be overwritten, the Data Processor shall ensure complete and irretrievable destruction of the media itself. Subject to Clause 2.5, the Data Processor shall provide the Data Controller with copies of all relevant overwriting verification reports and/or certificates of secure destruction of University information at the conclusion of the service. The Data Processor shall permit the Data Controller to monitor compliance with the terms of this Agreement, by: The Data Processor shall permit the Data Controller employees or nominated representatives to enter any premises where University information is held, at all reasonable time, with or without prior notice, for the purpose of inspection. The Data Processor shall compile and return a Data Processing Monitoring Form at the request of the Data Controller. The Data Processor shall provide independent assurance of the self-audited University Digital Data Security and Protection Toolkit (DSPT) performance measures where the Data Processor is required to comply.

Secure Destruction. When required under this Agreement and in any case when any of Customer’s Confidential Information is no longer needed by RIB to perform the Services, RIB will take reasonable steps to ensure the Confidential Information is (at RIB’s discretion) permanently destroyed, de-identified, deleted or put beyond use. In this paragraph, “put beyond use” means that RIB: (i) is not able, or will not attempt, to use the Confidential Information for any purpose; (ii) does not give any other organisation access to the Confidential Information; (iii) surrounds the Confidential Information with appropriate technical and organisational security measures; and (iv) commits to permanent deletion of the Confidential Information if, or when, this becomes possible.

Secure Destruction. 13.1 The Council should retain the data it has processed in accordance with its own procedures. 13.2 In the event the Council shall obtain any NHS data or Personal Data pursuant to this Agreement and it is instructed to dispose of such NHS data or Personal Data by the Contractor or otherwise disposes of the data it shall: 13.2.1 destroy paper copies (regardless of whether originally provided by the Contractor or printed from the Data Processor’s IT systems) using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713; and 13.2.2 destroy or ensure the overwriting of electronic storage media used to hold or process any NHS data to current standards as defined at ▇▇▇▇▇://▇▇▇▇▇▇▇.▇▇▇.▇▇/ and in the event that the electronic storage media cannot be overwritten, the Council and the Contracted Service Provider shall ensure complete and irretrievable destruction of the media itself. The Council shall provide the Contractor with copies of all relevant overwriting verification reports and/or certificates of secure destruction of any NHS data at expiry or earlier termination of this Agreement.

Secure Destruction. Requesting Program shall retain NJDOH data received from Early Intervention Program for only the period required to utilize NJDOH data for the purpose authorized under this Agreement. At the end of this Agreement, Requesting Program will, and will certify in writing, that it has securely destroyed or returned all data files containing Early Intervention DATA.

Secure Destruction. 5.1 On satisfactory completion of the service or on termination of the contract, ensure that the PID is securely removed from their systems and any printed copies securely destroyed. In complying with this clause, electronic copies of the personal data shall be securely destroyed. 5.2 ALL PID held in paper form regardless of whether as originally provided by the Trust or not is destroyed using a cross cut shredder or by a confidential waste company that complies with European Standard EN15713 and performs shredding services on the premises. 5.3 Electronic storage media used to hold or process the data is destroyed or overwritten to current CESG standards as defined at ▇▇▇.▇▇▇▇.▇▇▇.