1. Home
  2. Knowledge Base
  3. About wLw
  4. Our work
  5. Audit trail

Audit trail

Leave nothing to chance!

The clean deletion of data is an integral part of donation processing. This is documented in detail.

The association Wir lernen weiter (wLw) offers all organisations in Switzerland a secure and transparent solution for wiping data from laptops and hard drives. We rely on physical data destruction or certified erasure procedures in accordance with NIST 800-88.

All the steps taken are fully documented and thus form the Audit trail. This audit trail is important to ensure that every process remains traceable and verifiable. The organisation is certified in accordance with DIN-66399 (protection class 2).

Why an audit trail?

An audit trail enables organisations to provide evidence of secure and complete data destruction. It provides transparent documentation and ensures that legal data protection requirements are met.

We ensure that all processes are optimised by our DIN-66399-Zertifizierung meet the highest security standards. This certification guarantees professional data destruction and erasure that ensures the protection of sensitive information.

Advantages of an audit trail

Every device that is passed on or sold should first be cleared of all data. A clean audit trail therefore helps with the following points:

  • Legal security: An audit trail makes it possible to provide clear evidence of data destruction in the event of audits or legal issues.
  • Safe processing: Organisations can demonstrate transparent processes to their own customers and partners.
  • Data protectionMinimised risk through certified processes and documentation that enable and identify data erasure in the first place.

Our audit documents at a glance:

Acknowledgement of receiptDocuments the handover of devices and data carriers. This confirmation of receipt shows how many devices were accepted by us. It also contains a PAR number (unique identification of the donor) and a LOT number (unique identification of the collection).

Data cleansing certificateConfirms the secure data erasure of a device. Each device is uniquely identified with a WLW number. Each of these documents also refers to the corresponding collection and its own data carriers.

Certificate of deletionCertifies the data deletion or destruction of a data carrier in accordance with the specifications of NIST 800-88 and DIN 66399. Each data carrier is uniquely identified with a DRV number.

Destruction video: Documents the physical destruction of hard discs using video recordings. The complete destruction process per data carrier is recorded from three angles.

Batch overviewSummarises the processing of an entire batch, including the number of processed devices and data carriers, as well as the donation value. A CSV list with all serial numbers is also created.

Storage and data protection

All unslaked appliances or appliances still to be processed are stored in a hardened and locked storage area. Only employees who have completed appropriate safety training have access to this area.

The processing site is burglar-proof, has a video surveillance system and an alarm system that alerts us or the police in the event of a break-in.

Data protection is our top priority. Our employees and volunteers are bound by strict non-disclosure agreements to ensure the protection of our customers' sensitive data.

Document storage

Wir lernen weiter offers password-protected access to the document platform, where all of an organisation's documents are collected. These can be downloaded within 30 days and then obtained on request. The data is stored securely for at least 10 years.

Our processes are subject to regular internal and external audits to ensure that all DIN-66399 and NIST 800-88 requirements are consistently met. This enables us to guarantee the highest quality and security in data processing at all times.

FAQ

What is DIN-66399 and NIST 800-88?

Answer

DIN-66399This standard specifies standards for the secure destruction of data storage media, including particle sizes and security levels. Wir lernen weiter fulfils these requirements to guarantee the highest safety standards.

NIST 800-88An internationally recognised standard for the secure erasure of data on digital storage media. Our procedures are based on these best practices to securely purge data carriers.

Who processes devices?

Answer

Employees and volunteers who have passed our security checks. This includes obtaining extracts from debt collection and criminal records, signing non-disclosure agreements and several personal interviews. Every work process is traceable.

Who processes data carriers?

Answer

As soon as a data storage medium needs to be removed, the processing and IT operations managers are authorised to carry out these operations. Visual and acoustic signals will sound on the work surface if this occurs.

What technical procedures are used for erasure?

Answer

The data erasure procedures are different for each data carrier and depend on the manufacturer and model, among other things. Our proprietary erasure system automatically selects the appropriate procedure.

Successful data erasure is verified using mathematical models and comparative data, which are temporarily stored in the device's working memory.

According to which specifications are data carriers destroyed?

Answer

Our shredder systems are designed for the following material classes on SK2:

  • SSDs and motherboardsE-3 (particle size = max. 160mm2)
  • HDDs up to 2.5″: H-4 (particle size = max. 2'000mm2)
  • HDDs up to 3.5″: H-3

USB sticks, CDs and other possible data carriers are also destroyed after E-3.

Sample documents

Proof of purge per laptop

WLW-29166Download

Erasure certificate per data carrier

WLW-29166_DRV-11848Download
Was this article helpful?
Yes No

Related Articles

Need help?

We are happy to help!
Contact details
en_GBEnglish (UK)
de_CHDeutsch (Schweiz) fr_FRFrançais it_ITItaliano en_GBEnglish (UK)