The University has an obligation to protect certain confidential information, such as personally identifiable information and protected health information, against unauthorized access due to the risk of harm such access might bring to the institution or to individuals. A digital storage device containing confidential information presents an opportunity for breach when it is removed from a context in which that information is being managed, unless the confidential information it contains is first securely removed.
Digital storage devices that contain Restricted Information as defined in the University’s Data Classification Guideline must be sanitized when they are to be repurposed, recycled, or discarded. Sanitization minimizes the likelihood of recovering data from residual magnetic, optical, electrical, or other representations in digital media.
Digital storage devices include those in computers, cell phones, and tablets, as well as CDs, DVDs, thumb, jump, or USB drives, solid state drives, and hard drives. Appropriate sanitization procedures for these storage device types are referenced in an associated Frequently Asked Questions.
Expiration Date: February 4, 2018