The opposite of data recovery is professional data deletion or secure data destruction. Secure data destruction is essential when data needs to stay protected — and when compliance is absolutely necessary.
Who would need to employ a professional service when deleting files. Most industries collect and store confidential information, from credit card numbers to addresses and payment records; in fact, chances are good that you have some protected data on your hard drive right now, regardless of whether you’re at home or at the office.
Security is very important, and data is remarkably resilient. Even if your storage media fails, data is usually still accessible with the right tools, and that can lead to privacy law violations. Likewise, you can’t just click “delete” and assume a file is inaccessible; you need to employ special software to overwrite the file with multiple passes.
You may be interested in professional file deletion services if you work with the following types of information. These are some of the leading categories of protected data, along with a few of the standards that recommend or require secure data destruction:
- Personally Identifiable Information – Information security professionals call data that specifically concerns or reveals an individual’s identity “personally identifiable information,” or “PII.” Examples include social security numbers, bank account data, age, name, health records — anything that distinguishes a person.
The National Institute of Standards and Technology developed a set of standards that IT managers can rely on. The latest edition of NIST Special Publication 800-122: Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) is available for free at the NIST website (the link above leaves our website and leads to the NIST 800-122 PDF). This paper labels media sanitization as Security Control MP-6, and recommends secure data destruction for both digital and non-digital media that contains PII prior to disposal or reuse.
- Financial Records – Given the prevalence of identity theft in numerous industries, we shouldn’t have to remind you that financial data should never be set loose on discarded hard drives.
Compliance with the Right to Financial Privacy Act of 1978 and the Financial Services Modernization Act of 1999 depends on financial institutions carefully controlling data about their customers. Banks and other financial entities need a dependable way to securely delete files in order to protect their customers from identity theft.
- Medical Information – The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires healthcare providers to keep their patients’ identifiable health information private. Insurance companies, hospitals, and other medical professionals are some of the leading users of professional data destruction services.
- Student Data – Universities and education providers at all levels protect information about their students, and that often means securely deleting files. The Family Educational Rights and Privacy Act (FERPA) protects “personally identifiable information from education records from further disclosure. . . and unauthorized use.”
That means that when colleges and universities stop using hard drives, servers, or other equipment, they must take care to protect stored data.
If you’re a home computer user, you probably do not need professional data destruction services unless you have a large quantity of hard drives or if you run a business out of your home. You can usually handle the process yourself with free programs like Darik’s Boot and Nuke (DBAN) — just take care when using these programs, as they’re extremely powerful. When you overwrite data multiple times, it is completely unrecoverable, even for trained experts.
However, if your job involves any of the data discussed above, you probably already spend a lot of time making sure you comply with privacy laws. Secure data destruction services provide the safest way to protect your sensitive data, and they’re essential when you need to destroy a large amount of data quickly (for instance, when you’re purging older backups to comply with regulations after a merger or acquisition, or when you upgrade older equipment).
The process for secure data destruction is simple and cost effective, and we can provide detailed documentation verifying our results. Call us at 1-800-237-4200 if you have any questions. We can describe our methods and figure out a secure data destruction plan for your organization.
