Data Disposal: You Really Can Hit Delete

Kate Hanniford, Alison Atkins, Matt McClelland

Although some state reasonable security laws have long required the secure disposition of personal data, the proliferation of ransomware and associated looting of large fileshares has brought renewed focus on the importance of secure data disposal in the data governance lifecycle as a means to reduce the attack surface and general data privacy risks.  This panel will discuss the evolving federal and state regulatory expectations for secure data disposal and enforcement risks associated with improper data disposal.  The panel will emphasize practical considerations for the implementation of updated or revised data disposal measures as well as how to tackle potentially significant backlogs of data enterprise-wide.

Kate Hanniford, Partner, Alston & Bird
Alison Atkins, Assist. Gen. Counsel & VP, Chief Cyber Counsel, US Bank
Matt McClelland, Senior Director, Information Governance, Ankura

Readings:

• United States of America Dept of the Treasury Office of the Comptroller of the Currency 

• Before the Securities and Exchange Commission

• Before the Federal Trade Commission
• Before the Federal Trade Commission 2

• 12 CFR Part 364 (up to date as of 5/04/2023)