Securely Destroying Data
The process of securely erasing data from a device is referred to as sanitizing digital media. This is an important step in the proper handling of sensitive data stored on computers, USB drives, phones, etc. When these storage devices reach the end of their useful life, the sensitive data needs to be removed or destroyed.
There are three methods of erasing data from a device: clearing, purging, and destroying. To know which method to use, first define and classify the sensitive data. Then, refer to Ohio University's Media Sanitization Standard to determine which data removal method is required and how to do it:
- If the data is classified as high criticality, it is recommended to document the details of the storage device and method of data removal for your records.
- The Certificate of Media Sanitization form or the Batch Certificate of Sanitization form are available for use when documenting the removal of data.
- The Batch Certificate of Sanitization form is recommended for use with multiple devices with medium- to low-sensitivity data.
The department or individual responsible for the sensitive data must ensure that the data is securely removed from the device before it leaves their control. Similar to how you would shred paper containing sensitive information, digital media has a few options for rendering data unreadable. Please note that HIPAA covered entities must follow the Standard for HIPAA Destruction-Disposal of Patient PHI, which includes labeling the media as PHI and coordinating with OIT for destruction.
Data Removal Methods
There are three different methods used to erase data from devices:
- Clearing. Clearing data is the most common sanitization method. It prevents data from being retrieved, aside from advanced technology used in laboratory settings.
- Purging. Purging data prevents the information from being feasibly recovered even in a laboratory environment.
- Destroying. Destroying data renders the information unrecoverable and hinders the media itself unusable.
Recommended Removal Methods by Data Sensitivity
Removal Method | Low Data Criticality | Medium Data Criticality | High Data Criticality |
Clearing | Recommended | Required | Required |
Purging | Optional | Recommended | Required |
Destroying | Optional | Optional | Required |
Physical Document Destruction
Sensitive data located on physical documents needs to be disposed of in a secure manner. Physical documents can be securely disposed of in two ways: a cross-cut shredder or by using a University-approved document destruction service. If a document contains PHI from an Ohio University HIPAA Covered Entity, it must be destroyed onsite by a data destruction service.