Data Destruction Guidelines
Last Updated: May 15, 2023
- OVERVIEW
The purpose of this document is to outline Faction’s (“Faction”, “Us”, “We”, “Our”) and Faction’s Customers’ (“Customer”, “You”, “Your”) responsibilities for destroying customer information stored on Faction Services. This document includes details outlining both Customer and Faction responsibilities when it comes to properly removing data from Faction Services.- Regions
This document applies to services provided in all Faction Service Delivery Regions. - Other Relevant Documents
Please refer to the relevant Service Offer Description document or a Solution Design Description associated with your purchase for further information regarding the specific services you have purchased from Faction.
- Definitions
The following defined terms are used throughout this document:- ePHI: means Protected Health Information that is transmitted by electronic media or maintained in any medium described in the definition of electronic media in the General HIPPA Provisions.
- PHI: Protected Health Information as defined in the General HIPPA Provisions.
- Scope
This document applies to Faction’s data storage solutions including Cloud Control Volumes. This document does not cover logical or network-based access to customer information.
- Regions
- CUSTOMER RESPONSIBILITIES
Customer should manage their data according to best practices and ensure compliance to any government or industry requirements that may apply.Customer is required to delete any and all data from the Faction services prior to the end of each subscription term. - FACTION RESPONSIBILITIES
- Information and Media Handling
Faction manages information and service delivery assets through their entire life cycle. Procedures have been established for the handling and storage of information to protect this information from unauthorized disclosure or misuse including:- Media Use: Use of personally owned media on organizational information systems or system components is prohibited. Faction prohibits the use of portable storage and mobile devices without using device ownership, media sanitization, and encryption controls.
- Media Access: Access to media is restricted based on its classification. Access is provided to authorized individuals only through technical controls on a need to know basis.
- Media Storage: Faction implements physical controls and secure storage for all forms of digital media. Portable digital media is encrypted using industry standard encryption methods
- Media Transport: Media containing sensitive information is protected by encryption and tamper evident packaging when being transported outside of controlled areas in order to protect against
unauthorized access, misuse, or corruption.- Faction restricts information and information assets from being taken off site unless prior authorization is obtained.
- Secure containers via authorized personnel are used when media is hand carried.
- Commercial carriers with trackable receipt are used for shipping / logistics.
- Records of accountability are maintained for all media transported outside of controlled areas.
- Activities associated with transport are documented.
- Transport of media is restricted to authorized personnel only.
- Media containing production data is encrypted using industry standard encryption methods.
- Media Sanitization: Both digital and non-digital media are sanitized prior to disposal, release out of organization control, or release for reuse using defined sanitization techniques under Section 3.4 (Guidelines for Media Sanitization).
- Non-Production Systems
Faction does not use client data for non-production / test systems. - Data Classification
Faction classifies client data as the organization’s most sensitive data. Faction assumes client data may contain sensitive or ePHI data and implements controls to protect the confidentiality, integrity and availability of client data. - Guidelines for Media Sanitization
All electronic media is assumed to contain sensitive information or protected health information and will be destroyed by disintegration, pulverization, melting, or incineration methods if appropriate measures cannot be taken to reuse the media. Paper media containing sensitive or protected health information will be shredded by utilizing crosscut shredders.Faction follows the steps below when a client gives Faction media to destroy or sanitize (including client decommissioning events):- Reusable Media / Client Decommissions
Media that can be reused, such as HDDs or SSDs from storage area networks or dedicated server storage will be reinitialized such that data cannot be reconstituted from the media. This can be accomplished using factory reset functionality or through storage initialization processes that clear the disk(s) and prepare a new LUN / Volume that incorporates zeroing out the storage to meet NIST SP800-88 guidelines. - Non-functioning Media or Client Destruction Requests
Non-functioning media or media that a client has requested be physically destroyed will be disposed of by Faction utilizing methods that conform to NIST SP800-88 guidelines highlighted in the Approved Data Destruction Methods section that follows. - Vendor Keep Your Drive Program Details
Under certain circumstances a client may have special needs with regard to media handling. If the client does not wish to allow drives to leave the facility under manufacturer warranties, a SKU can be added to the client configuration that allows drives to be replaced without sending the failed drive back to the original equipment manufacturer – this is often referred to as the Keep Your Drive program. If a client has opted into the keep your drive program, an exception is created to keep drives on site and follow a predefined destruction or custom media handling process. Information on the specific policies and procedures followed by Faction storage infrastructure vendors can be found on their respective websites:
- Reusable Media / Client Decommissions
- Approved Data Destruction Methods
The following guidelines will be adhered to for each media type to be destroyed when an approved method to clear all data is unavailable prior to disposition:- Paper Hard Copies
Procedure: destroy paper using cross cut shredders which produce particles that are 1 x 5 millimeters in size. - Microfilms
Procedure: destroy microfilms, microfiche, or other reduced image photo negative by burning. - Hand-Held Devices
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator - Networking Devices, including Routers
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator - Office Equipment
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator - Magnetic Disk (includes floppies, ATA Hard Drives, USB Removable Media – pen drives, thumb drives, flash drives, memory sticks with hard drives, Zip Disks, SCSI Drives, others)
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incineratorMagnetic Disk includes floppies, ATA Hard Drives, USB Removable Media (such as pen drives, thumb drives, flash drives, memory sticks with hard drives), Zip Disks, SCSI Drives, others.
- Magnetic Tapes (includes reel and cassette format magnetic tapes)
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator - Optical Disks (includes CDs and DVDs)
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator - Memory
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incineratorMemory includes compact flash drives, SD, Dynamic Random Access Memory (DRAM), Electronically Alterable Prom (EAPROM), Electronically erasable PROM (EEPROM), Erasable Programmable Rom (EPROM), Field Programmable Gate Array (FPGA) Devices (Non-Volatile), Field Programmable Gate Array (FPGA) Devices (Volatile), Flash Cards, Flash EPROM ) FEPROM), Magnetic Bubble Memory, Magnetic Core Memory, Non Volatile RAM (NOVRAM), PC Cards, Personal Computer Memory Card International Association (PCMCIA) Cards, Programmable ROM (PROM), RAM, ROM, USB Removable Media (Pen Drives, Thumb Drives, Flash Drives, Memory Sticks) without hard drives, and Smart Cards. - Magnetic Cards
Procedure: shred, disintegrate, pulverize, or incinerate by burning in a licensed incinerator
- Paper Hard Copies
- Information and Media Handling
- NOTE: WARRANTY RELATED REPAIRS / RMA SERVICES
Failed media covered by authorized vendors’ warranty programs follow slightly different processes. Faction will make every effort to erase data from a disk before returning to the original equipment manufacturer. This is only possible in situations where the disk is being replaced due to predictive failure vs. actual failure (disk no longer functioning).These vendors meet the requirements of secure media handling and destruction identified under NIST guidelines. Additionally, Faction’s storage platforms rely on very large disk configurations (RAID) that already limit the amount of data that can be reconstituted from a single disk when removed from an array.