I've got questions about GDPR and CCPA data deletion requests and backup sets. Its pretty straight forward to remove a person that has asked for data deletion from our production environment. My problem is our backup set and machine snapshots stored in AWS or Azure. I cannot find much information about whether or not we would be in compliance if we didnt delete data contained in encrypted/password protected incremental backup sets. Does anyone have any experience with this?
ASKER CERTIFIED SOLUTION
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
we spoke with a CCPA Attorney and you're 100% correct. Thank you!