Data Minimization & Records Retention

Greenberg Traurig’s Data Privacy & Cybersecurity Practice understands that a company’s best asset may be the data it holds, but it can also create significant privacy and security risks. In addition, privacy laws are increasingly mandating that personal data be securely destroyed when there is no longer a legal basis for processing it, and these laws are in tension with laws mandating that data be retained for a minimum number of years. Our team helps companies strike a balance between data minimization and data retention requirements, both in the United States and internationally. Specifically, we track the ever-changing legal landscape and advise clients on how to document and implement a risk-based records retention program and comply with laws governing secure disposal of data.