Voda 16: access control and the archive in legal practice
The Verordening op de advocatuur (Voda) contains one article that, although rarely cited by name, plays out remarkably concretely in day-to-day practice. Article 16 stipulates that the lawyer takes appropriate measures to safeguard the confidentiality of data and information that falls under their responsibility. That touches not only the email policy or the server room, but also the archive cabinet in the corridor, the copying room and ultimately the destruction process. This article translates Voda 16 into the physical file chain.
Target audience: practising lawyers, deken-appointed responsibles and practice managers.
What does Voda art. 16 require concretely?
The text of art. 16 is short but encompassing. The lawyer ensures appropriate measures that protect the confidentiality, integrity and availability of data. "Appropriate" is not a blank cheque. It scales with the sensitivity of the file, the size of the firm and the state of the art. A criminal-case file makes different demands than a general-terms-and-conditions review.
Three concrete points that the NOvA and local dekens frequently mention:
- Physical access security of spaces where files are kept.
- A limited circle of people with a key or access pass.
- A watertight destruction process at the end of the file lifecycle.
The physical archive: not gone but vulnerable
Many firms are partly digitised, but the paper archive is rarely fully gone. Original documents, signed deeds, evidence and internal notes still sit in archive cabinets. Voda 16 cuts across each of the following points:
1. Archive cabinet and room security
Archive cabinets should be lockable. Ideally the archive room itself too. Cleaning and maintenance staff should be able to work outside that room, or access must be logged and limited. For firms in shared commercial buildings: check the landlord's key plan.
2. Processor relationships
As soon as an external party gets access to files or to spaces where files are kept, art. 28 GDPR (processor) and Voda art. 16 apply simultaneously. A destruction party is a processor, as is anyone who processes the file after end of case. A cleaner working in the archive room potentially is too, depending on actual access to documents.
3. Chain to the shredder
The moment a file is "disposed of", it often leaves the safe archive cabinet for a temporary route: collection box, hall, truck. That chain is one of the most vulnerable moments in the whole file lifecycle.
Disciplinary cases show: it is rarely the server that poses the biggest risk, but the physical moments between archive cabinet and shredder.
On-site destruction as chain reduction
On-site destruction by a mobile shredder eliminates the most vulnerable steps from the chain. Files do not need to be sealed for transport, do not end up in an external warehouse and do not need to travel through public space under the supervision of an external party. The chain reduction maps directly onto the "appropriate measure" of Voda 16.
Practical elements a mobile session at a law firm typically contains:
- Limited circle: only the responsible lawyer or archivist accompanies.
- Watching along: visual oversight of the destruction via side window or monitor.
- Certificate immediately after completion, with date, volume and method code.
- DIN 66399 P-5 as the floor for paper, H-4 or E-4 for media.
For the broader context around NOvA rules of conduct and files, see our article on NOvA rules of conduct and file handling.
Processor agreement with the destruction party
Because the destruction party acts as a processor (and under Voda 16 as a "third party to whom information is entrusted"), a processor agreement should be in place. Important clauses: confidentiality passed on to the processor's staff, notification duty on incidents, restriction of sub-contractors and documentation of the destruction process.
Archive round at a law firm?
We come with a mobile shredder to your office. The file leaves the building only as shreds. DIN 66399 P-5, certificate immediately after completion. Processor agreement available as standard.
Request a quoteSetting policy in the firm handbook
Voda 16 and the GDPR both demand policy, not just ad-hoc action. Describe in the firm handbook: who may open archive cabinets, who instructs destruction, via which party, to which standard, and how the certificate is archived. At a deken audit or a disciplinary complaint, such a chapter is the evidence that the firm not only thinks about confidentiality but also organises it.
More background and an industry page with practice cases is on our page for lawyers.
Summary: Voda 16 cuts through the entire file chain, from archive cabinet to shredder. On-site destruction is the simplest way to take the most vulnerable steps out of that chain. Combine it with access control, a processor agreement and documented policy, and the archive part of Voda 16 is in order.