Tips and Ideas

What Is the Right to Erasure in Data Management?

Leave a comment

In data management, there are many practical challenges to navigate. Some relate to the quality and validity of data collection as a process, while others relate to data integrity and management and others relate to the effective legislation of data. Let’s look at what the right to erasure means within this context.

What Is GDPR?

The GDPR act introduced many EU-wide requirements for the ways in which private and public data could be held, disseminated and managed. Its requirements span all companies, entities and bodies that deal with data, from a commercial data analysis company such as Shepper to national public sector bodies. In GDPR, there are various mandatory provisions that data handlers must follow. One of these is the Right to Erasure.

What Is the Right to Erasure?

The Right to Erasure introduced the ability for individuals to request that their private data be erased. This meant that a data analysis company, commercial business or public sector body would be required to remove certain information about an individual upon request. It is also known as the ‘right to be forgotten’ and can sometimes be seen on a practical level within website results, where certain listings have been removed.

How Is the Right to Erasure Triggered?

An individual can request that information about them be erased or forgotten in writing or verbally. The right is not an absolute one, however, and the request must only be adhered to in certain circumstances. Bodies have a month to reply to these requests.

What Happens If the Right to Erasure Is Not Complied With?

If a data collection company, company or public body does not comply with a legitimate request for an individual to be erased or forgotten in terms of the data held and shared about them, the request can be escalated to the Information Commissioner’s Office. The ICO will investigate and mandate further steps and sanctions where appropriate.

Failure to uphold the provisions of the GPDR can result in significant fines, so the onus is very much on data handlers of all kinds to comply.

Leave a Reply

Your email address will not be published. Required fields are marked *