The other answers focus on that it's not possible, so I will instead focus on how it could be possible. I'll leave it up to the reader to determine whether it is realistic or not.

Trusted 3rd party

It's entirely up to the attacker to create a system where they can prove that the data is secure. Once they have the data in their hands, it's too late. That's why they need to give the data directly to a 3rd party that both they and the company trust. It is also crucial that the 3rd party provides the information necessary to prove both that they have the data (e.g. file names and sizes) and that nobody has accessed it (e.g. a download count).

Here's how an attack could go:

1. The attacker convinces an employee to upload the data to an account on the 3rd party through social engineering. The attacker controls this account and can potentially download the data.
2. The attacker shows proof of upload to the company and makes the demand.
3. When the ransom is paid, the attacker hands over the 3rd party account to the company, who then locks the attacker out of the account.
4. The company verifies with the 3rd party that the data has not been accessed, then deletes the account and all the data.

Note how extremely limited the attack vectors are. The attack only works if someone the company trusts uploads the data. Furthermore, the attacker is greatly limited in infiltrating the company: If they inadvertently give themselves inauditable access to the data, it would make the above poof meaningless.

From a crime-business point of view, things can only get worse.

Technically, data that is copied cannot be remotely deleted or self-destroyed, nor prevented from doing additional copies. Not finding the stolen data already in the black market is pointless. Criminals might want to keep such data in the fridge for future use.

Both In my opinion, and judging from past cases of sextortion, the case may result in an endless blackmail until some condition is reached.

In known sextortion cases, criminals never deleted the offending material and continued to blackmail victims to pay a small fee regularly to keep the material private. This has a lot of common points with regualr mafia who demand money from shop-owners.

Cyber criminals are starting to act like traditional mafia, but they can use technology to remain mostly anonymous without need for consensus, bribery or threat to police officers.

It is believable than new criminal businesses will transform into ransom fees intended not to divulge yet the information stolen.

It can be hypotesized that the ransom will end when data stolen is enough out of date so that the harm done by publishing information is not enough to cover the current, past and future fees (anectode: if you are living all your life in a rent apartment, you should have bought it long ago), or when the company is ready to be put out of business in favour of a new company inheriting lots of assets.

These are just hypoteses

There is no way to know if the criminal really deleted the data.

All readable data can be copied, and copies can be encrypted to prevent detection.

I speculate that the criminals rarely actually delete the data in these types of situations. I would assume they keep a copy:

1. for personal use
2. to sell right before going completely underground, or
3. to sell in fragments so the original source will be difficult to detect

When a company claims that all copies of compromised data have been deleted, it is wise to treat such a claim with great suspicion.

Reputation is an important asset for an extortionist. They will not be paid if they are known not to obey the deals.

Then again, anonimity is another important asset for any criminal (as in not being caught and prosecuted).

So in practice, all these extortionists share a common "body of reputation" and everyone of them has their very own "prisoner's dilemma". They can try to get some more money and gradually ruin the business model for everyone doing the same (including themselves) and also face some resistance from their coleagues - or - obey the deals, not get the extra money now and keep the business model strong.

The data crimes also have the extra peculiarity that the criminals can keep the data indefinitely and either decide the dilemma later or lose themselves the control over the data (and get extorted themselves). Keeping the data, they also risk the data and their connection to it being found later by the law enforcement.

The practice shows than in most (but not all!) cases the extortionists obey the deals.

They can't. There is no way to prove that one does not possess some information. So whenever someone claims that they destroyed all copies they had of a piece of information, you have nothing but their word that this is true.

Deliberately infect your systems with viruses that trigger when removed from your network.

How to make sure that the hackers delete your stolen data? I'm not a computer security professional, but here's an idea: infect it all with computer viruses that'll destroy their computers if they don't. If the data they downloaded stays encrypted, or they delete the data, they won't have anything to worry about. However, if they decrypt it so that they can harvest data for sale on the black market, the viruses will check their location, and upon finding that they are no longer on your system, they can begin to wreak havoc on the hacker's machines.

Of course, this would only work if you deploy these measures before the breach takes place, and you would want to make sure that your API strips out these viruses before sending out any data to authorized users of your cloud service. Additionally, having each file (or some certain subset of them) periodically checking their location would doubtlessly consume computing power and reduce the efficiency of your cloud computing platform, and thereby increase the cost of running it. Additionally, these measures might not be legal in all locations, and may leave you liable for the damages that the hackers suffered as a result of setting off your booby trap.

You would also need to design your cloud database to use a file type capable of carrying a viral payload, as well, such as Microsoft Word or Excel documents.

How can the company be certain that the data is destroyed,

It cannot be certain. The only hope that it is part of the criminals business model to maintain a good reputation in that one gets what is claimed.

But business models might change. For example if the existing ransomware business does not provide enough profit anymore it might be worth checking if one can get more profits from previously collected (and not actually deleted) data.

... what reparation can it get if it is found later that the data is passed on after payment?

None. They are dealing with criminals in the first place.