Disk Sanitizing Regulation for Workstations & Hard Drive Equipped Printers

Updated: February 17, 2025

Policy:

RUL08.05.02

Title:

Category:

Information Technology

Sub-category:

Security and Compliance

Authority:

Vice Chancellor for Administration and Finance

Contact:

Deputy CIO, Client Engagement and Support (252) 737-4428

Related Policies:

N/A

Additional References:

- North Carolina Records Retention Policy
- Kramden Data Bearing Device Policies and Procedures

History:

Policy Number 7.303 Supersedes Policy Dated: October 3, 2003 Effective Date: October 3, 2003 Review Date: November 9, 2011 Placed in University Policy Manual after EXPEDITED REVIEW, transitioned without substantive change from prior version, March 25, 2013. Updated February 17, 2025.

Previous Versions:

No previous versions available.

1. Introduction

1.1 Purpose of Regulation
To maintain data confidentiality by preventing access to information previously stored on workstations, transferred to new users or destined for surplus.
1.2 Person(s) with Primary Responsibility
Managers of Desktop Support Staff and Labs & Advanced Technologies Staff

2. Regulation

2.2 If a workstation is transferred from one primary user to another, its hard drive(s) shall be sanitized (i.e. reimaged) at the time of transfer.
2.3 Users should ensure that data covered by the North Carolina Records Retention Policy is copied from computers and appropriately stored before their disks are sanitized.