Skip to main content

What is data hygiene?

The term “data hygiene” is used to describe the process of keeping data relevant and accurate. Studies show that almost 90% of companies have experienced cyber attacks. By practicing good data hygiene, you can both prevent and limit the damage caused by a data breach. This applies especially to companies that handle a lot of sensitive information. In addition to acting as data security, data hygiene can help add value to the data you have.

In this post, I will review best practice when it comes to practicing good data hygiene.

Why is data hygiene important?

Good data hygiene is important for two reasons:

1. Data protection
Data hygiene helps protect data. When you demonstrate good data hygiene, you also help to strengthen data security. By organising and minimising data, you clear the values out of the way for unauthorised persons. This applies both to regular data, but also to sensitive data. If data breach occur, the amount of valuable data – and the potential damage effect – will be reduced.

2. Data value
Data hygiene is essential to keep data valuable so that it can be used to

  • Use and share data effectively
  • Help sales
  • Optimising marketing
  • Improve customer service
  • Form a basis for business decisions
  • …etc.

Get our Newsletter!

In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.

When you sign up for our newsletter you get a license for one user to ShareSimple, which will give you a secure email in Outlook. This special offer is for new customers only, with a limit of one freebie per company.

Examples of poor data hygiene

To describe data hygiene, it is perhaps easiest to look at what data hygiene is not. There are countless examples of data processing that can lead to poor data hygiene. Some of the ones we see the most are:

  • Have lost track of what data you have
  • Stores data unprotected
  • Have copies of the same data lying around in several places
  • Does not update data with new information
  • Allowing too many people to access data
  • Fails to update software
  • Does not delete data that no longer serves a purpose
  • Does not obtain consent to process sensitive data
  • Departments each have their own IT systems that do not talk to each other

Best practices for data hygiene

Good data hygiene involves a mix of both data processing, work procedures and security measures:

1. Organise data
Be sure to create a logical folder structure and categorise files clearly. Try to avoid multiple versions of the same file stored in different locations. Every time you store a version of the file in a new location, you increase the risk of a data security breach.

2. Delete data
Ensure that data that is no longer needed is securely deleted. For sensitive data, we recommend that all files older than 5 years are deleted, unless there is a very good reason to keep them.

3. Keep software up to date
Ensure that all systems, software and applications are up to date with the latest data security to protect against cyber attacks such as phishing emails, ransomeware etc.

4. Use encrypted mail
Do not send information by email. Sent data is located several places. You should share data from a central location. Use links to files instead of attachments in emails. An attachment sent to 5 people will subsequently be in 6 copies in different mail programs (the sender and the 5 recipients).

5. Forget the virtual trash
Do not use your computer’s Recycle Bin to store files or documents.

6. Educate the employees
By training employees in data hygiene, including how they recognise phishing attacks, share data, have good data management, you can prevent data breaches as a result of employee errors.

7. Control access
Limit who has access to data. This helps to minimise mess and poor hygiene. Only persons for whom it is necessary to perform their job functions should have access.

8. Make backup
By creating regular backup copies of your data, if something goes wrong, you can restore it from an earlier version.

9. Conduct ongoing risk assessments
Be sure to regularly assess and identify potential risks to data. Ensure security measures are commensurate with data breach threats.

Data hygiene and privacy

Data hygiene is a good facilitator of processing of personal data in accordance with privacy requirements. By deleting data, implementing strong data processing practices, performing regular security updates, etc., you help reduce the risk of exposing personal data in connection with a data breach. Furthermore, an effective organisation of data helps to identify what data you have, where it is stored and how it is processed, which i.a. is a requirement to fulfill rights requests in the GDPR. Finally, good data hygiene supports a corporate culture of accountability and transparency, which is fundamental to building trust.

Start your GDPR cleanup where it is needed the most

Sensitive data can tends to accumulate in the employees' e-mails. With a GDPR Risk Scan from DataMapper, you get a report that shows any potential GDPR risks in the company's e-mails.

A smart way to keep your data clean

Are you looking to improve your data hygiene? If that is the case, I would like to introduce you to DataMapper, which was created to support good data hygiene. DataMapper is a Data Discovery tool that leverages artificial intelligence and Machine Learning algorithms to find sensitive data across a company’s data systems. This makes it possible to organise and minimise sensitive data. With DataMapper you get a tool that simplifies compliance, improves data security and makes your everyday life as a data or GDPR officer easier.

Sebastian Allerelli

Founder & COO at Safe Online
Governance, Risk & Compliance Specialist
Follow me on LinkedIn to get tips on GDPR →


How to handle sensitive personal data


How to find personal data with datamapping tool


How to prepare for a data audit