Certified Data Destruction for Retired Electronics

NIST 800-88 Rev 1: The Three Sanitization Levels

The National Institute of Standards and Technology defines three progressively rigorous levels of media sanitization in Special Publication 800-88 Revision 1. Understanding these levels is essential for selecting the right data destruction method based on the sensitivity of your data, the type of storage media, and your organizational risk tolerance. We support all three levels and help you determine which is appropriate for each category of media in your inventory.

Clear

Clear-level sanitization protects against simple data recovery attempts using standard file recovery tools and operating system utilities. It applies logical techniques to overwrite data in all user-addressable storage locations. Common Clear-level methods include single-pass overwriting with a fixed pattern, using the drive's built-in reformat command with overwrite enabled, or executing a factory reset that includes storage overwrite. Clear is appropriate for media that will be reused within the same security domain or organization, where the risk of sophisticated data recovery attacks is low. For corporate laptop fleets being refreshed internally, Clear-level sanitization often satisfies organizational requirements while preserving the drive for continued use.

Purge

Purge-level sanitization protects against state-of-the-art laboratory recovery techniques. It renders data infeasible to recover even with advanced forensic methods applied to the physical storage medium. Purge methods include multi-pass overwriting with verified patterns, manufacturer-specific Secure Erase commands (ATA Secure Erase, NVMe Format, NVMe Sanitize Block Erase, NVMe Sanitize Crypto Erase), degaussing of magnetic media with a field strength that exceeds the drive's coercivity rating, and cryptographic erasure on self-encrypting drives. Purge is the standard we recommend for most enterprise data destruction engagements. It provides the highest level of assurance for media that will leave your organization's control, whether through our server buyback program, resale into secondary markets, donation, or transfer to a recycling stream. Purge-level methods satisfy the data destruction requirements of HIPAA, PCI DSS, SOX, GLBA, and virtually every other regulatory framework.

Destroy

Destroy-level sanitization renders the storage medium physically unusable and data recovery infeasible by any known method, including electron microscopy and magnetic force microscopy. Destruction methods include industrial shredding to particle sizes specified by DIN 66399 security levels, incineration at certified facilities, disintegration, pulverization, and chemical treatment of platters. Destroy is required when media cannot be sanitized through software methods (failed drives that do not respond to commands), when organizational policy mandates physical destruction regardless of media condition, or when handling data at classification levels that require NSA-approved destruction. While physical destruction eliminates the resale value of the drive hardware, the rest of the system, the laptop chassis, server motherboard, RAM, CPU, and other components, still holds significant recovery value through our buyback program.

Media Types & Applicable Methods

Different storage technologies store data in fundamentally different ways, which means a single sanitization method cannot be applied universally. Our technicians evaluate each media type in your inventory and select the appropriate technique based on the storage technology, the target NIST sanitization level, and the media's physical condition.

Hard Disk Drives (HDDs)

Traditional magnetic hard drives store data on spinning platters. They are the most straightforward media to sanitize because overwrite methods can address all user-accessible sectors reliably. Clear-level sanitization uses single-pass overwriting. Purge-level sanitization uses multi-pass overwriting to standards such as DoD 5220.22-M, Gutmann 35-pass, or Bruce Schneier 7-pass, or degaussing with an appropriately rated degausser. Destroy-level sanitization uses industrial shredding or platter disintegration. For functional HDDs from retired servers and corporate laptops, we recommend Purge-level overwriting because it achieves the highest data security while preserving the drive's resale value in the refurbished hardware market.

Solid-State Drives (SSDs) & NVMe

Flash-based storage presents unique sanitization challenges. Wear-leveling algorithms, over-provisioned reserve blocks, and block remapping mean that traditional overwrite methods cannot guarantee access to all physical storage cells. For SSDs, Clear-level sanitization uses overwrite methods but with the caveat that some data remnants may persist in inaccessible cells. Purge-level sanitization requires manufacturer-specific commands: ATA Secure Erase for SATA SSDs, NVMe Format or NVMe Sanitize (Block Erase or Crypto Erase) for NVMe drives, or cryptographic erasure on self-encrypting models. Destroy-level sanitization uses industrial shredding to DIN 66399 Level H-5 or higher specifications. We verify that Secure Erase commands completed successfully by sampling sectors post-sanitization and checking for known data patterns.

Magnetic Tapes (LTO, DLT, DAT)

Backup tapes remain common in enterprise environments, particularly in data center decommissions where tape libraries may contain years of archived data. Clear-level sanitization uses the tape drive's built-in erase function. Purge-level sanitization uses degaussing with a degausser rated for the tape's coercivity (modern LTO tapes require high-coercivity degaussers due to their dense recording format). Destroy-level sanitization uses industrial tape shredding or incineration. Organizations subject to HIPAA or SOX retention and destruction policies should pay particular attention to tape media, as forgotten tape libraries are a common source of compliance gaps during audits.

Mobile Devices (Phones, Tablets)

Smartphones and tablets use embedded flash storage with hardware encryption enabled by default on modern devices. Clear-level sanitization uses the device's factory reset function, which on encrypted devices performs a cryptographic erasure by destroying the encryption key. Purge-level sanitization combines factory reset with verification that the reset was performed on an encrypted device and that the storage reports as empty post-reset. For devices that cannot be reset (locked, damaged, non-booting), Destroy-level physical destruction through shredding or crushing is required. We process all major platforms including iOS, Android, and Windows Mobile devices in any condition.

Flash Media & Other Storage

USB flash drives, SD cards, CompactFlash, and embedded storage modules in networking equipment, printers, copiers, and medical devices all contain data that must be addressed during IT asset disposition. These media types typically lack the Secure Erase command infrastructure found in enterprise drives, so Purge-level sanitization often requires either specialized overwrite tools that address the entire flash translation layer or physical destruction. We inventory and sanitize all removable and embedded storage found in the equipment you send through our bulk pickup program, including storage that IT teams often overlook, such as NVRAM in switches, printer hard drives, and embedded storage in multifunction copiers.

Regulatory Compliance & Data Destruction

Data destruction is not optional. A growing body of federal, state, and industry regulations mandates that organizations securely destroy data when it is no longer needed for business purposes or when the hardware it resides on is retired from service. Failure to comply exposes your organization to regulatory penalties, civil liability, breach notification obligations, and reputational damage. Our data destruction program is designed to satisfy the media sanitization and documentation requirements of every major compliance framework.

HIPAA — Health Insurance Portability and Accountability Act

HIPAA requires covered entities and business associates to implement policies and procedures for the disposal of electronic protected health information (ePHI). The Security Rule at 45 CFR 164.310(d)(2)(i) specifically mandates disposal procedures for electronic media containing ePHI. Our Purge-level sanitization and comprehensive documentation satisfy HIPAA disposal requirements and provide the records your privacy officer needs for breach risk assessment. Learn about our healthcare electronics disposition program.

SOX — Sarbanes-Oxley Act

SOX Section 802 establishes criminal penalties for the alteration, destruction, or concealment of records relevant to federal investigations and bankruptcy proceedings, while also requiring companies to retain certain records for specified periods. When those retention periods expire, orderly destruction with documented proof is the best practice for minimizing liability from over-retention. Our documentation provides your compliance team with defensible proof that destruction occurred after retention obligations were fulfilled. Explore our financial services ITAD program.

GLBA — Gramm-Leach-Bliley Act

The GLBA Safeguards Rule requires financial institutions to develop, implement, and maintain a comprehensive information security program that includes the proper disposal of customer information. The FTC's Disposal Rule under FACTA further specifies that consumer report information must be disposed of in a manner that protects against unauthorized access. Our certified data destruction satisfies both GLBA and FACTA disposal requirements for financial institutions of all sizes. See our approach for financial services firms.

PCI DSS — Payment Card Industry Data Security Standard

PCI DSS Requirement 9.4 mandates that organizations destroy media containing cardholder data when it is no longer needed for business or legal reasons, using methods that render cardholder data unrecoverable. Acceptable methods include cross-cut shredding, incineration, pulping, or degaussing for electronic media. Our Purge and Destroy level methods satisfy PCI DSS media destruction requirements, and our Certificates of Destruction provide the documentation your QSA needs during assessment.

FACTA — Fair and Accurate Credit Transactions Act

FACTA's Disposal Rule applies to any person or organization that maintains or possesses consumer information for a business purpose. The rule requires reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal. This extends beyond financial institutions to any business that performs background checks, maintains customer credit files, or stores consumer report data. Our certified destruction processes satisfy FACTA disposal requirements across all industry sectors.

FERPA — Family Educational Rights and Privacy Act

Educational institutions must protect student education records throughout their lifecycle, including disposal. While FERPA does not specify particular destruction methods, the statute requires that records be destroyed in a manner that prevents unauthorized disclosure. Our documented destruction processes provide schools and universities with the compliance records they need to demonstrate responsible data stewardship. Learn about our education sector programs.

State Privacy Laws

State-level data protection statutes add additional requirements that may exceed federal mandates. Organizations operating in the Pacific Northwest and West Coast should be aware of these key requirements:

• Washington (RCW 19.215, HB 1071): Requires businesses to take reasonable steps to destroy personal information records that are no longer needed, using shredding, erasing, or otherwise modifying the personal information to make it unreadable or undecipherable. Washington's data breach notification statute (RCW 19.255.010) creates additional incentive for proper data destruction, as breaches involving improperly disposed hardware trigger notification obligations.
• Oregon (ORS 646A.622): Mandates that any person who maintains personal information about a consumer must develop, implement, and maintain reasonable safeguards to protect the security of that information, including proper disposal practices.
• California (CCPA/CPRA, Cal. Civ. Code 1798.81.5): California's expansive privacy framework includes explicit requirements for the disposal of customer records containing personal information. The CCPA grants consumers the right to request deletion, and proper media sanitization is required to effectuate those requests on retired hardware.

Our data destruction program satisfies the disposal requirements across all three states, making us the right partner for organizations with operations spanning Washington, Oregon, and California. We also serve law firms and legal departments that need to destroy client data in compliance with professional responsibility obligations and litigation hold release procedures, and government agencies required to follow specific disposition protocols for public records and controlled unclassified information.