Skip to main content

Research Data Management: Destruction

Guidance and support to staff, researchers and students at the University of Southampton

Secure Destruction of Electronic Data

The following guidance is intended to assist in preventing unauthorised access to University data that is held electronically, especially when the device on which it resides is disposed of or recycled. It should be noted that;

There is a wide range of data held in the University, in many different formats, with research data being one of the most significant. It is important that, as well as planning for the curation of your data, you give consideration to how it will be destroyed where this is required for legal or other reasons. Guidance on when and who authorises the destruction of research data is covered in our section on Retention Periods and in the University Research Data Management Policy.

Destruction of data

  • University Windows build computers: deleting from My Documents will delete from the server (deleted items may end up in the Recycle Bin which will required to be deleted)  
  • University Windows build computers: for locally stored data on desktop or C drive, data will be deleted and moved to Recycle Bin which then must be emptied. 
  • Deleting from J Drive will delete files with no copy retained in Recycle Bin.
  • Mac laptops/desktops: deleted items are moved to Trash which must be emptied. The "Secure Empty Trash" utility is available from the "Finder" menu

N.B. when data stored on an iSolutions server will still exist on backups for a period of time (usually 90 days).

To delete emails: empty mailbox and then purge.

Outlook/Exchange has a facility to allow deleted emails to be recovered up to 30 days after they have been deleted.   There is also a facility within Outlook to purge deleted emails altogether so that they cannot be recovered.
 

To enable the secure disposal of electronically held data, it is not sufficient to simply delete the folder or file(s) from your PC or other device, because the data remains on the media but the space previously allocated is now available to be overwritten at some point in the future. Even reformatting the storage is not guaranteed to make the data unavailable. There are several methods to ensure that electronic data held on magnetic and solid state media is secure from unauthorised access.

  1. A secure wipe should be carried out. This process can take some time to complete.
    • DBAN is a popular and free disk wiping utility and is available for Macintosh, Linux and Windows PCs
    • On Macintosh (10.3 or greater) the "Secure Empty Trash" utility is available from the "Finder" menu
    • Digital voice recorders/tape cassettes/video cassettes: follow the manufacturer’s instructions to carry out a hard reset of the device
  2. Physical destruction of the disk
    • The University operates the WEEE (Waste Electrical and Electronic Equipment) regulation to ensure equipment is disposed of safely and securely. The University retains an external company that specialises in destroying magnetic and solid state media and will provide a "Certificate of Assurance". To arrange for the disposal of any electronic equipment please complete the the IT Disposal request form.

It is recommended that optical media such as DVDs and CDs are physically destroyed. A simple method is to use a suitable shredder. Note that not all shredders are capable of destroying optical media, please check the suitability of your shredder before using this method.

If you cannot find a suitable shredder, the University retains an external company that specialises in destroying magnetic and solid state media and will provide a "Certificate of Assurance". To arrange for the disposal of any electronic equipment please complete the IT Disposal request form.

It is important that any data identified as sensitive and/or confidential and is not to be retained, whether for legal, ethical or other reasons, is destroyed carefully.  The University Estates and Facilities provide a service for the removal of confidential waste. Requests for the removal of confidential waste should be made via Planon on SUSSED.

If your data is highly sensitive you should seek advice from within your Faculty/Research/Academic group to confirm that the confidential waste service is appropriate for your material. If you are shredding your sensitive material you should use cross-cut shredders with a minimum standard of DIN 4.

Loading ...


Follow @UniSotonLibrary