Purpose

To establish guidelines and procedures for sanitizing digital media and to prevent unauthorized access to confidential information after disposal of digital media.

Scope

This policy applies to all Penn State Wilkes-Barre full-time and part-time faculty and staff and all University-owned digital media at Penn State Wilkes-Barre.

Definitions

Sanitized – To remove all data in a manner that prevents its recovery within reasonable means

ADG01 – Glossary of Computerized Data and System Terminology

Policy

All digital media should be sanitized in a manner that is in compliance with applicable University and Penn State Wilkes-Barre policies, including but not limited to:

  • AD20 – Computer and Network Security
  • ADG02 – Computer Facility Security Guideline

before the digital media is removed from service. Digital media sent to Lion Surplus may be sent without being sanitized if it is clearly marked that data destruction is requested.

Guidelines

  1. The ITS office at Penn State Wilkes-Barre will be responsible to ensure that all computers being removed from service will have their internal drives sanitized. The office will conduct the process themselves or engage the data destruction services available at Lion Surplus.
  2. Before re-issuing a computer, the ITS office will sanitize the hard drive.
  3. It is the responsibility of each user to ensure that the digital media they use is appropriately sanitized when they are finished with the media. (this include but is not limited to CD's, DVD's, USB Drivers, and Floppy Disks).
  4. Any portable media such as floppy disks, zip disks, CDs, DVDs, or USB drives should be sanitized before being discarded.
  5. Media should be sanitized using Kill Disk or a similar program. If the data cannot be destroyed electronically, a physical method of destruction (i.e. hammer, drill, etc.) should be used.