Data destruction is a part of the many programs and regulations that TargetCW adheres to. This idea of data destruction reduces the amount of data that is potentially vulnerable. The internal procedures for data destruction have been reviewed with our various software vendors to indicate whether the data is "deleted" or just "hidden" within the system. If they data can only be "hidden", then we will anonymize critical information such as SSN and remove ACH information.
Workers data is stored in the following repositories: TempWorks (US); SAGE (UK); Quickbooks (Canada); StaffingNation (All Countries)
Tempworks is anonymize only.
Quickbooks is anonymize only.
SAGE is anonymize only.
StaffingNation allows for complete record destruction.
Under the supervision of the CTO, the below dates will be used to destroy or anonymize data. It is the CTO's responsibility to ensure the appropriate script or process is executed on the business Friday after the dates listed below. Archives and backups WILL NOT be changed or amended but the data will be truncated per back up procedures (about 90 days) past the days below.
In the event that an error occurs during the process, the CTO will work with the CCO on a remedy plan. This will take place within 30 days of the CTO being made aware of the error.
Destruction process will be audited semi-annually by our SSAE auditors and the results published in the report. Sample size will be determined by the auditors.
Data Destruction Dates:
_______ Tempworks - Inactive date > 7 years ago
________ Formstack - Entry data > 1 year ago
________ Xero - None
________ Quickbooks - Inactive data > 7 years ago
________ Sage - Inactive date > 6 years ago (UK based workers)
________ StaffingNation per country law
I have removed or anonymized the data above per the policies established by the office of Global Privacy & Data Security.