Most people know how to destroy physical sensitive data, but when it comes to securely destroying electronic data, most healthcare professionals don’t know where to begin.
*This article was taken from our HIPAA Guide. For more information on this topic, download our free HIPAA Guide.
“One organization ground up their hard drives and dissolved them in a sulfuric acid solution.”
Most people know how to destroy physical sensitive data (e.g.,shredding, burning, pulping), but when it comes to securely destroying electronic data, most healthcare professionals don’t know where to begin (e.g., options, tools, procedures).
If media is magnetic (e.g., tapes, hard drives), it should be degaussed or demagnetized. Make sure to use an appropriately sized and powered professional grade degausser to ensure no data recovery is possible. You can also physically destroy the media in an almost endless variety of ways. For example, one organization ground up their hard drives and dissolved them in a sulfuric acid solution.
If you plan to re-use or sell the media, use a repetitive overwrite method, also known as erasure or wiping. This is when you overwrite the data with randomized 1’s and 0’s. There are many free overwrite tools available and most modern operating systems have features for securely deleting data.
If you use a solid-state drive or flash memory, you have several options. You can use an “ATA Secure Erase” command to wipe or reset the data. Some manufacturers supply software that will enable you to perform secure erasures, but the only sure way to destroy data on a solid-state drive or in flash memory is to physically destroy it.
.svg)
