The purpose of this policy is to provide a guideline for the procedure by which data may be permanently removed from any computer, server, removable media, CD/DVD, etc in such a way that the data is deliberately made non-recoverable. Employees must consult the University's Record Retention Policy prior to deleting any data. Any questions or comments about this policy should be directed to Information Systems.
This policy applies to all Murray State University owned equipment and non-Murray State owned equipment that contains university related data.
Murray State University understands the risks involved in storing data on various means of media, and also understands the need to ensure this data is secure. To do this, Murray State University requires the secure deletion of all files and information in multiple situations. These situations are described below.
4.0 Sanitization Guidelines
All system administrators, support personnel, and/or the device owner are responsible for ensuring the device is properly sanitized or sent to Property Services for processing. The method used to sanitize the device will greatly vary depending on the level of confidentiality of the data. Refer to the Data Sanitation Standard for the level of sanitation that will be required. Any questions can be directed to the system administrator or the Information Security Officer.
Anyone found to have violated this policy may be subject to disciplinary action, up to and including suspension of access to technology resources or termination of employment. A violation of this policy by a temporary worker, contractor or vendor may result in action up to and including termination of their contract or assignment with Murray State University.