Data destruction is the permanent, irrecoverable elimination of data from storage media — so it cannot be accessed, recovered or reconstructed. Under UK GDPR, this is a legal requirement when disposing of IT equipment that has held personal or business data.
Methods of data destruction
Certified software erasure (wiping)
Certified software overwrites every sector of a drive multiple times to recognised standards, making data unrecoverable without destroying the physical hardware. This allows the drive to be reused or refurbished after erasure. A per-drive erasure report is generated confirming the process and the result.
Physical shredding
The drive is physically destroyed — reduced to fragments that cannot be reconstructed. This is the appropriate method for failed drives, encrypted drives that cannot be reliably wiped, highly sensitive data, or any case where absolute certainty is required. A certificate of destruction is issued per item.
Degaussing — and why we don’t use it
Degaussing uses a strong magnetic field to destroy the magnetic patterns on older hard drives. It is entirely ineffective on solid-state drives (SSDs), which store data in flash memory rather than magnetic patterns. Since SSDs are now standard in most business laptops and servers, degaussing is not a reliable destruction method for modern IT estates. Recycle4Charity uses certified wiping and physical shredding only.
Which method is right for your equipment?
| Media type | Recommended method |
|---|---|
| HDD (working) | Certified software erasure — drive can be reused |
| SSD (working) | Certified software erasure — flash-aware overwrite |
| Failed or encrypted drive | Physical shredding |
| Magnetic tape (LTO, DAT) | Physical shredding or degaussing (tape only) |
| USB / flash media | Physical shredding |
| Optical media (CD, DVD) | Physical shredding |
Your GDPR obligation
Under UK GDPR and the Data Protection Act 2018, your organisation remains the data controller until data is irretrievably destroyed — even when the device is being collected by a disposal provider. The ICO specifically identifies inadequate disposal of IT equipment as a significant source of data breaches. A certificate of data destruction provides the documented evidence required for your compliance records and any ICO audit.
See our secure data destruction services for London businesses, or our guide to what a certificate of data destruction should include.