In my experience, most conversations on how to protect customer data revolve around active companies. Certainly important, but what about bankrupt companies? That data doesn’t simply disappear when the organization declares bankruptcy. And in many cases, the bankrupt company doesn’t destroy the data. So in whose hands does our PII end up?