Secure Data Disposal

The College of Medicine at the University of Arizona requires that before any computer system, electronic device, or electronic media is disposed, recycled, or transferred either as surplus property or to another user, the system, media, or device must be either:

  • properly sanitized of University sensitive/confidential data and software, or
  • properly destroyed.

Any official University records must be appropriately retained/disposed of based on the University’s records retention policy prior to erasure or destruction of the system, device or media.

Electronic media must be sanitized following the guidelines in NIST Special Publication 800-88, “Guidelines for Media Sanitization”. The specific procedures and requirements to be followed when cleaning or destroying computer systems, electronic devices and electronic media are found in the Electronic Data Disposal Procedure document.