Purpose

• The purpose of this policy is to outline the procedure for purging data of client files.

Definitions

This policy applies to all incidents where a breach of personal identifying information is suspected or confirmed relating to a customer of AIM or a user of software developed by AIM.

Definitions

• "Client file" means the electronic folder, directory, or database, containing the electronic files, documents, or data.
• "file purge date" is the date on or after which a file may be purged.

General Guidelines

No data shall be purged from live production database unless:

• Client has made a request, in writing.
• 30 days have passed since client request.
• Client account is current.

Purging

1. After receiving the client request, a "file purge date" will be established based on a 30 day waiting period.
2. All database backups will be removed immediately upon client request.
3. All data from development environments will be purged immediately upon client request.
4. After 30 day waiting period, all data on the live production server will be purged.
5. A copy of the data purge checklist will be reviewed with management.
6. Management will certify the purge and send notification to the client.
7. Upon the decommissioning or failure of any hard drive, the drive physically destroyed/crushed, priory to pick-up by scrap/recycling company.