
Data destruction certificate explained: what's on it and when you need it

Data destruction certificate with serial numbers

A data destruction certificate is your proof that data carriers were irreversibly destroyed. It states the date, the DIN level applied and the serial numbers of every destroyed carrier. Those serial numbers are precisely what sets it apart from a paper certificate, because they tie the proof to your specific hard drives, USB sticks or phones.

Deleting a file or wiping a drive feels final, but without proof you cannot show afterwards that the data was really made illegible. At a lease return, an IT audit or an inspection under the GDPR, that proof counts. This article explains what a data destruction certificate is exactly, what is on it, how it differs from a paper certificate and when you need it.

What is a data destruction certificate?

A data destruction certificate is a document that records that your data carriers were destroyed at a certain moment and to a certain level. It is the closing piece of the destruction process, the proof that the data can no longer be recovered. Unlike an internal note or an email confirmation, it is a formal document you can present to an auditor, a leasing company or the data protection authority. The general certificate of destruction is explained separately in "Certificate of destruction explained".

What is data destruction anyway?

Data destruction is making data on a carrier irreversibly illegible. That can be done by overwriting, degaussing or physical destruction. For certainty with sensitive data, physical destruction is the safest route, because the carrier is literally broken and the data can no longer be accessed. The certificate belongs with that physical destruction, because only then can a provider record per serial number what was destroyed. A wiped device that is still intact does not produce that proof in the same way.

What is on the certificate?

A good data destruction certificate contains at least:

  • The date the carriers were destroyed.
  • The DIN 66399 level applied, for example E level for electronic media.
  • The serial numbers of each destroyed carrier, registered one by one.
  • The type of carrier, such as hard drive, SSD, USB stick or phone.
  • A unique job number by which the certificate can be traced.
  • The name of the performing party.

The serial-number registration is the most important part. Without serial numbers you prove that something was destroyed, but not which carriers exactly.

The difference with a paper certificate

For confidential paper the certificate states the date, the quantity and the DIN level, but no serial numbers, because loose sheets do not have them. For data carriers it is different. Every hard drive or phone has a unique serial number that belongs on the certificate. So you can later show precisely that this one drive from that one device was destroyed. For a lease return or an asset register that is indispensable.

When do you need it?

A data destruction certificate is important in a number of situations:

  • Lease return of hardware. The leasing company wants proof that the drive from the device was safely destroyed before it comes back.
  • An IT audit. An auditor checks whether written-off equipment was demonstrably destroyed.
  • ISO 27001. The standard requires controlled disposal of media, with proof. More on this is in "ISO 27001 and physical destruction".
  • The GDPR. If personal data was on the carrier, the certificate is your proof that you had it destroyed correctly.

For whom is it intended?

A data destruction certificate is mainly relevant for businesses, IT departments and organisations that write off or lease hardware. But a private individual can also have an old laptop or phone full of personal data safely destroyed. The approach is the same for both: collection, registration on serial number and destruction, with a certificate as proof. Whether it is a single drive or a whole batch, the proof is always traceable to the carrier.

Which DIN level for data carriers?

The DIN 66399 standard has separate categories for different media. For electronic data carriers E levels apply.

| Category | For | Example |
|---|---|---|
| H | Hard drives | HDD shredding or degaussing |
| E | Electronic media | SSD, USB stick, memory card |
| O | Optical media | CD, DVD, Blu-ray |

Which level you need depends on the type of carrier and the sensitivity of the data. The certificate states the level applied, so you can show it was appropriate.

NIST 800-88 or DIN 66399?

Besides DIN 66399, NIST 800-88 is often referenced internationally, an American guideline for wiping and destroying media. Both describe how to make data reliably unusable, with a comparable starting point, namely that physical destruction gives the highest certainty. For your certificate it matters little which standard is named, as long as the level applied and the serial numbers are recorded. The difference between the two is covered in "NIST 800-88 versus DIN 66399".

Wipe or destroy?

An important distinction. Software wiping overwrites data, but is not reliable on every carrier. On an SSD, wear-leveling and reserve cells mean not all data is overwritten, as explained in "Destroying SSDs, why overwriting fails". For certainty, physical destruction is the safest route. Only then do you get a certificate with serial numbers. The difference between wiping and destroying is covered in "Wiping versus destroying a hard drive".

Certificate or wipe report?

With software wiping you sometimes get a wipe report, a log file indicating a drive was overwritten. That is different from a certificate of destruction. A wipe report says it was wiped, a certificate with serial numbers proves the carrier was physically destroyed. For most audits and lease returns the certificate is the stronger choice, because the carrier then demonstrably no longer exists instead of just being overwritten.

What the GDPR requires

The GDPR requires storage limitation in article 5 and appropriate measures in article 32 to protect personal data. That duty runs until the data is destroyed beyond legibility, on data carriers too. An old drive with client data that stays in a drawer is a risk. If lost, it is a data breach. The data destruction certificate is the proof that you met that duty.

What if it goes wrong? A data breach from old carriers

Most data breaches with hardware do not arise from a hack but from careless disposal: a box of old hard drives that ends up with the bulk waste, a USB stick that disappears from a drawer, a discarded phone resold without the data really being gone. In all those cases someone can recover business or client data. You report a serious data breach to the data protection authority within 72 hours. Physical destruction with a certificate removes that risk in advance.

Which data carriers do you have destroyed?

  • Hard drives and SSDs from laptops, desktops and servers.
  • USB sticks and memory cards with business or client data.
  • Smartphones and tablets at end of life.
  • Backup tapes with old backups.
  • Multifunction printers and copiers with an internal drive, often at lease end. See "Multifunction printers and copiers at lease end".

When is a carrier ready for destruction?

A data carrier is ready for destruction once it is no longer in use and the data no longer has to be kept. Think of a laptop being replaced, a server that is end of life, a phone going out of circulation or a USB stick you no longer trust. Do not leave carriers in a drawer indefinitely, because as long as the data is on them, they remain a risk. First check whether any data still has to be kept. Hand over the rest for destruction.

Closing paper and data carriers in one go

A clear-out rarely stops at paper or only at digital carriers. Often both come free at the same time, for example during a move or an office clear-out. The practical advantage of a collection service is that paper and data carriers can come in the same collection, each destroyed to its own level. The paper appears on the certificate as quantity and level, the data carriers on serial number. So you close the whole confidential flow in one go, with conclusive proof for both.

How do you get the certificate?

  1. Request. You tell us which carriers you have. You get a fixed price.
  2. Collection. We collect the carriers sealed at your location.
  3. Registration. Every carrier is registered on serial number.
  4. Destruction. The carriers are destroyed to the right DIN level.
  5. Certificate. You receive the certificate with the serial numbers and the level.

Paper and data carriers can come in the same collection, each destroyed to its own level. More on digital destruction is in data destruction.

Sealed collection and transport

Just like with paper, data destruction revolves around a closed chain. The carriers are collected at your location and transported sealed, so no one can reach them on the way. Between collection and destruction there is no moment where a drive goes missing or is viewed. That secure chain is precisely what the certificate confirms at the end. For sensitive business data that is more important than speed, because a drive that disappears on the way is still a data breach.

What does data destruction with a certificate cost?

Data carriers are usually charged per item, because every carrier is registered separately on serial number and destroyed. The price depends on the type of carrier and the number. The practical advantage is that you can hand over paper and data carriers in the same collection, so you pay only once for the call-out. Within 20 km of Amsterdam we charge no call-out fee. You know the price in advance, including the certificate with serial numbers.

What happens to the carrier after destruction?

After destruction, the remains of the carriers are sent for material recycling. Metals and plastics are separated and reused, while the data is gone for good. So you combine secure data destruction with clean processing of electronic waste. You do not have to worry about what happens after destruction, because the data is then already irrecoverably gone and only the material remains.

How long do you keep the certificate?

Keep the certificate for at least 5 years in your GDPR file or asset register. At an audit, an inspection or a question from a client you can then immediately show that the carrier was destroyed. Archive it digitally if possible, so you find it quickly. A certificate you cannot find is in practice as worthless as no certificate.

A certificate that holds up in an audit

Not every certificate is equally strong. A document without serial numbers, without a date or without the level applied says little. So make sure the certificate contains all the data an auditor wants to see, namely per carrier a serial number, the date and the DIN level. Ask for this before you agree. A conclusive certificate saves you a lot of explaining in an inspection, because it shows at a glance what was destroyed.
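One way to run that check yourself before filing a certificate, as an added example that is not the provider's tooling: it reconciles the certificate against the written-off serials in your asset register and flags missing fields, carriers without a valid level, and serials that do not match. The dictionary keys, the type-to-category mapping keys and all sample values are constructed assumptions; the `H-5` style notation is how DIN 66399 levels are written.

```python
import re

# Media categories from the article's table; the type names are assumptions.
CATEGORY_FOR_TYPE = {"hdd": "H", "ssd": "E", "usb": "E", "memory card": "E",
                     "cd": "O", "dvd": "O"}
HEADER_FIELDS = ("job_number", "destruction_date", "provider")
LEVEL = re.compile(r"^([A-Z])-([1-7])$")  # DIN 66399 notation, e.g. "H-5"

def normalise(serial):
    """Serials are often retyped by hand: ignore case and stray whitespace."""
    return re.sub(r"\s+", "", serial or "").upper()

def reconcile(register, certificate):
    """Return findings; an empty list means every written-off carrier is covered."""
    findings = [f"certificate lacks {field}" for field in HEADER_FIELDS
                if not certificate.get(field)]
    seen = {}
    for entry in certificate.get("carriers", []):
        serial = normalise(entry.get("serial"))
        if not serial:
            findings.append("carrier listed without serial number")
            continue
        if serial in seen:
            findings.append(f"{serial}: listed twice")
        seen[serial] = entry
        level = LEVEL.match(entry.get("din_level") or "")
        expected = CATEGORY_FOR_TYPE.get((entry.get("type") or "").lower())
        if not level:
            findings.append(f"{serial}: no valid DIN level")
        elif expected and level.group(1) != expected:
            findings.append(f"{serial}: level {level.group(0)} does not fit {entry['type']}")
    wanted = {normalise(s) for s in register}
    findings += [f"{s}: written off but not on certificate"
                 for s in sorted(wanted - set(seen))]
    findings += [f"{s}: on certificate but not in register"
                 for s in sorted(set(seen) - wanted)]
    return findings

# Constructed sample data, not taken from a real certificate or register.
REGISTER = ["wd-wcc4e1aaaaaa", "S3Z8NB0K000001", "4C530001230101"]
CERTIFICATE = {
    "job_number": "JOB-EXAMPLE-001", "destruction_date": "2024-03-14",
    "provider": "",  # performing party left blank on purpose
    "carriers": [
        {"serial": "WD-WCC4E1AAAAAA", "type": "HDD", "din_level": "H-5"},
        {"serial": "S3Z8NB0K 000001", "type": "SSD", "din_level": "H-5"},
        {"serial": "ZZ9999", "type": "USB", "din_level": ""},
    ],
}
```

Calling `reconcile(REGISTER, CERTIFICATE)` on this sample returns five findings; carrier types outside the mapping, such as phones, are checked for a serial and a valid level only.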

Practical tips

  • Always ask for serial-number registration, not just a general certificate.
  • Combine paper and data carriers in the same collection.
  • Keep the certificate digitally so you find it at once in an audit.
  • Do not leave drives lying for months first, because a drawer full of carriers is a risk.

Common mistakes

  • Relying on wiping alone. Without physical destruction and a certificate you have no proof.
  • Not asking for serial numbers. A certificate without serial numbers does not tie the proof to your carriers.
  • Leaving old drives lying. A drawer full of written-off carriers is a dormant data breach.
  • Losing the certificate. Without findable proof you are empty-handed at an audit.

A real-world example

Imagine a business replaces fifteen leased laptops. The leasing company wants the devices back, but the drives contain years of business data. The business has the drives removed from the laptops and destroyed at H level. Every drive is registered on serial number and the business receives a certificate with all fifteen numbers. At the lease return it can show precisely that the data on those specific drives was destroyed. No discussion, no risk of a data breach.

Have data carriers destroyed with a certificate?

Tell us which carriers you have and you get a fixed price. We collect them sealed, destroy them to the right DIN level and you receive a certificate with serial numbers. No call-out fee within 20 km of Amsterdam.


Frequently asked questions

What is a data destruction certificate?

A document proving your data carriers were irreversibly destroyed, with the date, the DIN level applied and the serial numbers of the destroyed carriers.

What is the difference with a certificate for paper?

For data carriers the serial numbers are on the certificate per item. For paper it is the date, quantity and level, without serial numbers.

When do I need a data destruction certificate?

For lease return of hardware, an IT audit, ISO 27001 and as proof under the GDPR that you had personal data on carriers destroyed correctly.

How long do I keep the certificate?

Keep the certificate for at least 5 years in your GDPR file, so you can show in an inspection or audit that the carriers were destroyed.

Do I also get a certificate with wiping alone?

A wipe report is possible, but a certificate with serial numbers belongs with physical destruction. For certainty with sensitive data, physical destruction is the safest route.

Conclusion

A data destruction certificate is the proof that your data carriers were demonstrably and irreversibly destroyed, tied to the serial numbers. That makes it indispensable for lease return, an IT audit, ISO 27001 and as proof under the GDPR. Have carriers physically destroyed to the right DIN level, ask for serial-number registration and keep the certificate for at least 5 years. That way you close the digital flow just as neatly as the paper one.


Have data carriers safely destroyed? Request a quote via desnipperaar.nl or read how data destruction works. You get a certificate with serial numbers as proof.