<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=207269141220718&amp;ev=PageView&amp;noscript=1">
Skip to content
English
Homepage
  • There are no suggestions because the search field is empty.

Data Deletion and Archiving in On-Premises Systems – What Needs to Be Considered?

In an on-premises setup, responsibility for operation, data storage, archiving, and deletion fundamentally lies with the customer. Can Do provides the software and offers support within the scope of support or consulting services. Even though the technical execution takes place within the customer’s environment, data deletion is not merely an operational IT task, but a process that is organizational, legal, and compliance-relevant.

1. Sensitivity of the Topic

The deletion of project data may have implications for:

  • statutory retention obligations

  • audit and inspection requirements

  • internal compliance policies

  • system integrity

  • future data recovery

Particularly in public institutions or regulated industries, coordination at the management and/or compliance level is required before any data deletion takes place.

2. Organizational Involvement

Data deletion and archiving typically affect not only IT administration but also business and organizational departments.

Before deletion, it should therefore be verified whether the following stakeholders are involved:

  • PMO

  • Project managers

  • Controlling

  • Business departments

  • If applicable, Internal Audit or Compliance

It must be ensured that:

  • no ongoing evaluations or reports are based on the affected data,

  • all project-related documentation has been fully completed,

  • no billing- or audit-relevant data is affected,

  • all impacted organizational units have been informed.

3. Technical Framework Conditions for Restorations

In the context of archiving and possible future restoration (restore), it must be considered that software functionalities may evolve over time through updates and version changes.

Even if individual versions contain only minor changes, structural or functional differences may accumulate over several years.

In particular:

  • Backups (e.g., database dumps) always relate to a specific technical version.

  • Restoring data into a significantly newer system version may require additional technical checks or adjustments.

  • A system-identical restoration generally requires a compatible software version.

A restoration concept should therefore consider not only data backup itself, but also versioning and long-term technical compatibility.

Note: Exports primarily serve data backup or archiving purposes and are not necessarily intended for a later system-identical restoration.

4. Recommended Procedure Prior to Data Deletion

Before deleting data, the customer should internally clarify:

  • Which specific data is affected

  • Whether statutory or contractual retention obligations apply

  • Whether internal approvals (business department, IT, management, and if applicable, audit) are required

  • Whether a complete data backup has been created

  • Whether an agreed restoration concept exists

It is recommended to document all relevant approvals and internal coordination in writing to ensure transparency and traceability.

If Can Do is involved in data deletion or archiving measures within the scope of support or consulting services, this will take place exclusively upon the customer’s explicit request. In such cases, a brief written confirmation is requested stating that all necessary internal approvals have been obtained and that full responsibility for the decision and execution lies with the customer.

5. Objective

This structured approach serves:

  • to safeguard the customer with regard to compliance and auditability,

  • to maintain system integrity,

  • to clearly define the roles and responsibilities between customer and software provider,

  • to ensure traceability in the event of future inspections or audits.