What is Data Minimisation?
Data Minimisation is a principle that states that data collected and processed should not be held or further used unless this is essential for reasons that were clearly stated in advance to support data privacy. In the General Data Protection Regulation (GDPR), this is defined as data that is:
- Limited to what is necessary for the purposes for which they are processed.
Why is it important to minimise your data?
Apart from the fact the Data Minimisation principle is being reviewed and strengthened by the GDPR and there are new obligations for personal data, it also represents best practice with maintaining customer trust and reducing the risk of unauthorised access and other security threats.
How can you practise Data Minimisation?
When collecting data, remember to ask yourself several questions for each point of data you are planning to collect:
- Does the individual know I am collecting the data?
- How am I planning to use this data?
- Does the individual know why I am collecting the data?
- Is there a way of achieving this purpose without having to collect the data?
- How long will I need the data for to achieve the purpose?
Asking yourself these questions will help you understand what data you do and don’t need at any one stage, and therefore what data can be erased.
How can you promote Data Minimisation?
In this webinar, we walk through what GDPR means, the latest thinking around how the GDPR will impact your data governance strategy and answer some of your questions.