Data Wiping & Secure Data Destruction

Under UK GDPR, organisations have a legal duty to protect personal data throughout its lifecycle — including when equipment is retired, disposed of, sold, donated, or recycled. If drives and devices leave your control with recoverable data, that can create breach risk, reputational damage, and regulatory consequences.

The key requirements are:

• UK GDPR Article 5(1)(f) — Integrity & confidentiality (security): you must handle personal data in a way that prevents unauthorised access or disclosure, which includes secure end-of-life disposal.

• UK GDPR Article 32 — Security of processing: you must implement “appropriate technical and organisational measures” based on risk. In practice, that means using secure disposal methods (e.g., wiping, degaussing, shredding), controlling storage before disposal, and having a defined process.

• UK GDPR Article 5(2) — Accountability: you should be able to demonstrate you’ve complied, which is where logs, reports, certificates, and a clear audit trail matter.

The ICO’s guidance on disposal and deletion reinforces this: secure disposal should be planned, controlled, and documented (including tracking items awaiting destruction and their location).

Community Computers fills that gap with secure wiping and destruction options backed by reporting. Depending on the service you choose, we can provide an asset list, erasure reports, and/or data destruction certificates so you have a clear audit trail for governance, supplier assurance, and compliance.

When you need the highest level of physical destruction, the KOBRA SSD high-security disintegrator uses a two-stage destruction system to break electronic media down into sand-like particles (a final state described as similar to ISO/IEC 21964 (DIN 66399) E-7). It’s rated to security levels O-7 / T-7 / E-7 and is designed to meet NSA/CSS solid-state disintegrator requirements for SSD media.

It’s built to destroy a wide range of compact electronic storage, including SSDs (including enterprise SSDs), smartphones, tablets, USB sticks/pen drives, flash drives, SIM cards, memory devices/IC chips, CPU chips with internal ROM/flash, and circuit boards, producing a particle output intended to make data reconstruction impractical. In ISO/IEC 21964 / DIN 66399 terms, E-7 corresponds to an extremely fine result (commonly referenced as max particle area 0.5 mm² for electronic media), which is why this route is used when policy demands the most aggressive end state.

Degaussing securely erases magnetic media by applying a powerful magnetic field that randomises the magnetic domains on the platter/tape, removing the “pattern” that represents stored data. Our DataGauss LG Max is a pulse-technology degausser designed for high-throughput, single-pass erasure of magnetic media.

It generates a 10,000 Gauss (1 Tesla) field and is rated to erase high-coercivity hard drives up to 5000 Oersteds (and common magnetic backup tape media). A typical cycle is around 15 seconds, with a fast ~7 second charge time, allowing continuous operation and strong throughput for batches.

This method is ideal for HDDs and magnetic tapes (e.g., LTO/DLT and other common formats) and works regardless of interface type because it targets the magnetic recording layer rather than the electronics. After degaussing, the media is not readable/reusable for data storage and is normally sent on for crunching, to make it physically inoperable.