GDPR for Psychotherapists - Technical issues; deleting data


One in a series

This is one in a series of interconnected blogs about applying the Data Protection Act (2018) and GDPR (2016) for psychotherapists in the UK. The blogs are largely independent, but it is best to first read the Overview and Introduction blogs, to orient yourself to the wider context and background.

No affiliation

I do not get paid by, receive any other consideration from, or have any affiliate arrangements with the organisations, companies or individuals I mention or their products or services. I do use many of the software applications I mention, but receive no discount or anything else for mentioning them.

Data deletion

Many people do not realise that when they delete data, the data are not gone, but mostly stay on the disk. This is especially severe if your data are in the cloud (where you generally don't know whether or where backups, anonymised extracts etc. are kept), or on SSD drives, which often retain data in a number of places and versions.

General

The first-line remedy is always encryption. If the disk holding your data is encrypted, and you are the only one with access to the password or keys that decrypt it, your situation is much better. Some people consider that good enough and would take no further precautions. However, many security-conscious people with technical insight still advocate doing more, and use secure deletion methods even when the disk is encrypted. Secure deletion is best avoided on SSDs, and is perhaps most useful on Windows computers with conventional hard disks.

This blog gives a number of practically available methods for computers with Windows and with Mac OS.

  • If you keep files with personal data on an unencrypted disk, you are taking an unacceptable risk anyway, in my opinion. In that case it is imperative that when you delete data, you use the secure deletion methods described. But with SSDs that may not even work.
  • If you keep data in a form of cloud storage (e.g. Dropbox) where they are encrypted, but you have no access to or control over the encryption password / keys, you need to disclose this under GDPR; you accept a level of risk. In that case, too, it seems even more important to use secure deletion tools when you delete data; and if the provider has kept copies, you may never know.
  • Using USB sticks, despite their convenience, is always extra risky. Many known security incidents have involved USB sticks and pen drives. As always, the first line of defence is encryption.
  • Finally, most people consider secure deletion a must when you dispose of equipment, whether laptops, desktops, USB sticks or hard drives. Even when they apparently "don't work any more", the data will still be available. When you cannot power on hardware any more, that makes it of course more difficult to do secure wiping, and you might do best to get help.

Secure deletion of files and folders on a Mac

Recommendation:

  • Have full-disk encryption of your disk using FileVault (available in System Preferences, and / or via Disk Utility, under Applications > Utilities)
  • Delete files or folders normally
  • Apple have removed the Secure Erase option from Trash, as it never worked with an SSD, and is not really necessary when you use full disk encryption with FileVault

Link https://www.intego.com/mac-security-blog/how-to-securely-erase-data-from-your-mac-and-external-drives/

Secure deletion of files and folders on Windows

This is a good thing to do; though less necessary if you are using full disk encryption. SSDs remain much more problematic than conventional drives. The best utility I can recommend is Blancco, the successor of DBAN ("Darik's Boot and Nuke"). They cost about £30 one off. For the pricing and buying, use this link. Blancco claim on their site that they have solved the problem of securely erasing SSD drives, and that their software does just that. I think it is the best option there is.

A free option that is certainly good for conventional drives is Eraser. I don't believe that they make any claims that their process is effective with SSDs; in fact it might be counter-productive.
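As an added example that is not part of this blog, nor the code of Eraser or Blancco, here is the overwrite-then-unlink approach such tools use on conventional drives, in Python; the sample client note is constructed. On an SSD each pass may land on a fresh flash block and leave the original intact, which is why the text says this can be counter-productive there.

```python
import os
import secrets
import tempfile

# One pattern per pass: fixed byte, its complement, then random bytes (None).
# This is the classic multi-pass scheme wipers use on spinning disks. On an
# SSD the controller may map each pass to a fresh flash block, so the old
# contents can survive (the page's caveat) and the extra writes are wasted.
PATTERNS = (b"\x00", b"\xff", None)


def _overwrite_pass(fd, size, pattern, chunk=1 << 16):
    """Overwrite all `size` bytes of the file behind fd with one pattern."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining > 0:
        n = min(chunk, remaining)
        os.write(fd, secrets.token_bytes(n) if pattern is None else pattern * n)
        remaining -= n
    os.fsync(fd)  # force this pass onto the device before starting the next


def secure_delete(path, passes=3):
    """Overwrite a regular file in place, truncate, rename and unlink it.
    Returns the number of bytes overwritten per pass."""
    # Refuse symlinks and non-regular files so the wrong target is never hit.
    if os.path.islink(path) or not os.path.isfile(path):
        raise ValueError("refusing to wipe non-regular file: %s" % path)
    size = os.path.getsize(path)
    fd = os.open(path, os.O_WRONLY)
    try:
        for i in range(passes):
            _overwrite_pass(fd, size, PATTERNS[i % len(PATTERNS)])
        os.ftruncate(fd, 0)  # hide the original length as well
    finally:
        os.close(fd)
    # Rename to a random name so the directory entry no longer carries the
    # original file name, then remove the renamed entry.
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.replace(path, anon)
    os.unlink(anon)
    return size


def demo_wipe():
    """Constructed demo: wipe a sample client note held in a temporary dir.
    Returns (bytes_wiped, bytes_written, file_still_exists)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "client-note.txt")
        note = b"Constructed sample: session 3, client A.B., 2019-04-01\n" * 200
        with open(path, "wb") as f:
            f.write(note)
        return secure_delete(path), len(note), os.path.exists(path)
```

Note that the file system may still hold older copies elsewhere (journal, snapshots, backups), which is why full-disk encryption remains the first line of defence.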

A link with a few more options:

https://www.techworld.com/security/best-disk-wiping-tools-securely-cleaning-hard-drives-smartphones-ssds-3627310/

Secure deletion when disposing of a Mac

The options here depend on whether you have a conventional hard drive in your Mac, or a Flash drive (more universally called SSD).

For a hard drive, it remains possible and sensible to wipe it securely before disposal. Apple has an in-built facility to do this, in Disk Utility (find it under Applications > Utilities). If you have a conventional hard drive, use this facility, and choose levels 3 or 4, or possibly 2. It will take time...

If you have an SSD, the situation is much more tricky: SSDs are inherently harder to wipe. In fact, on some SSDs, or unless you do everything right, you may well think that you have securely erased your files when in fact they are still there.

Main factors to watch out for when you have an SSD / Flash drive as internal drive:

  • Never use normal "secure erase"
  • Always use the SSD with encryption - FileVault in the case of Apple
  • Make sure that TRIM is enabled / activated. If the SSD came with the Mac from the factory, you can be certain that this is the case. If you installed an SSD yourself, or if someone else has used the laptop, they might have tinkered with TRIM.

After your secure deletion "process", whatever it was, reinstall the Operating System, with factory settings, from scratch. And if you are going to use the computer again, immediately encrypt the internal drive or SSD.

Links:

https://mac-optimization.bestreviews.net/the-dangers-of-using-secure-erase-apps-on-macs-with-ssds/

https://www.lifewire.com/format-mac-drives-using-disk-utility-2260076

https://www.intego.com/mac-security-blog/how-to-securely-erase-data-from-your-mac-and-external-drives/

https://www.intego.com/mac-security-blog/how-to-securely-dispose-of-your-old-mac/

https://www.howtogeek.com/179284/how-to-securely-wipe-a-hard-drive-on-your-mac/

https://www.theguardian.com/technology/askjack/2015/feb/19/how-safely-recycle-old-pcs-computers

Secure deletion when disposing of a Windows computer

Before disposing of your PC, you need to do a secure deletion of the internal hard drive if you have any personal data stored there. There are many programmes, of somewhat variable quality. Of the paid ones, most people regard the Blancco apps, the successor of DBAN ("Darik's Boot and Nuke"), as among the best. They cost about £30 one off. For the pricing and buying, this link. Blancco claim on their site that they have solved the problem of securely erasing SSD drives, and that their software does just that.

There remains considerable discussion about SSDs being much more difficult to wipe fully and securely than conventional drives. The best remedy remains to have the disk encrypted with full-disk encryption in any case, before you dispose of it, and to always have TRIM enabled.

A free option that is good is Eraser. I don't believe that they make any claims that this process is effective with SSDs; in fact it might be counter-productive.

Some links:

https://www.lifewire.com/how-to-wipe-a-hard-drive-2624527

https://www.theguardian.com/technology/askjack/2015/feb/19/how-safely-recycle-old-pcs-computers

Secure deletion when disposing of hard disks

Use some of the options recommended above. Be very cautious about SSDs. The main line of defence is to have them encrypted with full disk encryption BEFORE storing any sensitive or personal data on them. Blancco and Eraser can both be used to good effect, if the disks are spinning and not SSDs.