Enterprises must comply with data protection laws and regulations, such as GDPR (Europe), HIPAA (United States), or CCPA (California), and others, when collecting, storing, and destroying personal/sensitive data, as non-compliance can lead to hefty fines and lawsuits. Additionally, compliance helps build trust with customers, clients, and partners.
These laws mandate stringent data disposal measures to protect personal and sensitive information and ensure that organizations take adequate steps to prevent unauthorized access to data once it is no longer needed.
Government agencies, cybersecurity organizations, and regulatory bodies have different standards to align with global regulations, which primarily vary in the overwriting methods and patterns used on storage devices
We will discuss some commonly accepted and industry-recognized wiping standards for data wiping and deletion that align with data protection laws:
Also Read: Importance Of Data Security In Enterprises
Global Data Wiping Standards and Legal Compliance
1: Europe (GDPR)
The General Data Protection Regulation (GDPR) enforces strict guidelines on data handling, including erasure.
GDPR emphasizes the ‘Right to be Forgotten,’ ensuring that personal data is thoroughly and irreversibly erased upon request or when it’s no longer needed.
Standards like NIST 800-88 and ENISA guidelines are commonly recommended for GDPR compliance, ensuring data is unrecoverable.
2: Germany
Germany’s Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) follows core principles like lawfulness, fairness, and transparency when regulating how personal data is collected, processed, stored, and deleted in Germany.
Though BDSG does not prescribe specific wiping, the recommended standards for data wiping are DoD 5220.22-M or NIST 800-88 for secure data disposal.
2: United States (GLBA, HIPAA, FATCA, and CCPA)
In the U.S., data protection regulations such as HIPAA (for healthcare data), CCPA (for consumer data), GLBA (for financial data), and FATCA (for consumer credit data) necessitate robust data sanitization measures.
While none of the laws doesn’t specify a particular method, it strongly advises following standards like NIST 800-88 for data erasure or DoD 5220.22-M or physical destruction like shredding and degaussing for physical documents.
3: New Zealand
New Zealand’s Privacy Act 2020 applies to all public and private organizations that handle personal data in New Zealand. The act is based on 13 privacy principles, which dictate what enterprises must follow regarding the collection, use, storage, and disclosure of data.
The Privacy Act doesn’t specify any particular method or standard to follow during data sanitization, but enterprises must ensure secure disposal to prevent unauthorized access using physical destruction methods like shredding, incineration, degaussing, secure wiping software
4: Middle East (UAE PDPL and Saudi Arabia PDPL)
Both the United Arab Emirates (UAE PDPL) and Saudi Arabia (PDPL) are relatively new data protection laws that align with global privacy frameworks like GDPR.
While neither explicitly mandates a specific data wiping standard, they require organizations to ensure secure and irreversible data deletion when personal data is no longer needed and maintain audit logs of data deletion for compliance verification
The recommended standards are NIST 800-88, ISO/IEC 27040, and ISO/IEC 27001.
4: Asian
Asian countries like China’s Personal Information Protection Laws (PIPL), Japan’s APPI (Act on the Protection of Personal Information), India’s (DPDP), and Singapore’s (DPDP) have specific laws on data privacy and security that emphasize secure data deletion, although none prescribe a specific standard for data wiping.
The recommended standards for enterprises to meet the compliance are NIST 800-88, ISO/IEC 27001, and ISO/IEC 27040.
The upcoming sections will explain how some of the notable and commonly used data-wiping standards across the globe perform erasure on storage devices.
Industry-Recognized Wiping Standards
1: DoD 5220.22-M
DoD 5220.22-M is a widely used data sanitization standard established by the U.S. Department of Defense (DoD) for securely erasing data from storage devices, such as hard drives. It was originally part of the National Industrial Security Program Operating Manual (NISPOM).
In DoD 5220.22-M, previously stored information on the drive is overwritten with a 3-pass or 7-pass binary pattern, depending on the organization’s policy.
3 Pass Method:
The three-pass method is considered sufficient for most non-classified data. The idea was that a single overwrite wouldn’t be enough to erase the original data completely, but three overwrites were more than enough to render the data unrecoverable.
Pass 1: Overwriting with Zeros (0x00): The entire disk is overwritten with the binary value 0 (zero).
Pass 2: Overwriting with Ones (0xFF): Every bit is written with the value 1 (binary ones)
Pass 3: Overwriting with Random Data: Finally, the drive is overwritten with random binary patterns
The reason for using multiple passes is that each new pattern further destroys the old data. Even if part of the drive is recovered, it would be extremely hard to piece together anything meaningful.
7 Pass Method:
The 7-pass method is a more thorough variation of the standard 3-pass method. It follows the same general idea of overwriting a drive multiple times to ensure the data is completely erased and unrecoverable, but it does this process seven times instead of three.
Pass 1: Overwrite with Zeros (0x00): The entire storage is overwritten with the binary value 0 (zeros)
Pass 2: Overwrite with Ones (0xFF): The second pass replaces the zeros with the binary value 1 (ones).
Pass 3: Overwrite with Random Data: This pass writes random data (random binary values) to the drive.
Pass 4: Overwrite with Zeros (0x00): The drive is again overwritten with zeros
Pass 5: Overwrite with Ones (0xFF): Another pass of ones is written to the drive.
Pass 6: Overwrite with Random Data: The storage is overwritten with random data again.
Pass 7: Overwrite with Zeros (0x00): The last pass overwrites the drive with zeros.
The 7-pass method was initially used to erase data more rigorously and securely, typically when handling highly sensitive or classified information. The idea is that performing more passes adds an extra layer of security, making it far harder to recover any traces of the original data.
2: NIST 800-88
NIST 800-88 is a data sanitization standard developed by the National Institute of Standards and Technology (NIST) to guide the proper disposal of sensitive data from electronic storage media. It provides a more modern and comprehensive approach to data erasure than older methods like DoD 5220.22-M.
The NIST 800-88 standard covers three primary data sanitization methods: Clear, Purge, and Destroy. These methods ensure that data is irrecoverable and meets specific security and compliance requirements.
Unlike traditional multi-pass overwriting techniques, NIST 800-88 adapts to newer storage technologies, such as solid-state drives (SSDs), and addresses the limitations of older methods.
NIST 800-88 Data Sanitization Methods
Clear
The Clear method is suitable for data stored on media that is still in working condition but will be reused within the organization or moved to a different user.
This involves overwriting data using logical techniques such as single-pass overwrite, encryption, or degaussing.
Purge
The Purge method is a more secure form of data erasure, intended for media that will be reused or repurposed for other environments where stronger security is needed.
This method renders the data unrecoverable by using physical or logical techniques, such as cryptographic erasure, degaussing, or specialized software, to overwrite the data multiple times.
Destroy
The Destroy method is the most secure and irreversible form of data sanitization. It physically destroys the storage media to ensure that the data is permanently inaccessible.
Destroying is done when the media is no longer needed and cannot be reused where the device is physically destroyed through methods such as shredding, crushing, or incinerating the storage media.
3: HMG IS5
HMG Infosec Standard 5 is the data destruction standard established by the UK Government’s National Cyber Security Centre (NCSC), part of the UK’s Government Communications Headquarters (GCHQ). Widely used in UK government and defense sectors to ensure sensitive data is permanently destroyed.
HMG IS5 outlines methods for sanitizing both physical and logical storage media and defines the necessary procedures for securely wiping or destroying information to prevent unauthorized access. It is considered one of the most stringent data sanitization standards, particularly for high-security environments.
HMG IS5 Data Sanitization Methods
Clear
The Clear method in HMG IS5 is similar to the NIST 800-88 Clear method, where data is logically overwritten using a standard wiping technique. This involves overwriting data with a single pass of zeros or random data to make it inaccessible by normal means.
Purge
The Purge method is a more secure and thorough erasure process that involves multiple overwriting passes to ensure that the data cannot be recovered using advanced techniques or forensic tools. It performs multiple overwrites or applies cryptographic methods to irreversibly render the data unreadable.
Destroy
The Destroy method is the most secure and irreversible data sanitization method outlined in HMG IS5. It involves physical destruction like shredding, crushing, or incinerating of storage media to ensure that no data can be recovered. It is used when absolute assurance is required that no data can be reconstructed or recovered.
4: Gutmann Method
Developed by Peter Gutmann in 1996. It was designed to provide a high level of assurance that data on a hard drive is completely erased, making it impossible to recover, even using advanced data recovery techniques.
The Gutmann Method is distinctive because of its 35-pass overwrite process. The idea behind this method is to overwrite data multiple times using a combination of specific patterns designed to recover the original data on the disk.
However, in modern times, its usage has declined due to the evolution of newer storage technologies, such as solid-state drives (SSDs), where the method’s many overwrite passes are often not effective. Despite this, the Gutmann Method is still relevant for traditional spinning hard drives (HDDs) where high-level data destruction is required.
The 35 Passes
Pass 1–2: Overwrite with random values.
Pass 3: Overwrite with a known pattern (e.g., alternating 0s and 1s).
Pass 4: Overwrite with another random value.
Passes 5–6: Repeated passes of random data.
Passes 7–10: Use specific pre-calculated values to overwrite sections of the disk.
Passes 11–32: More random values are written to obscure any remaining data.
Pass 33–35: Finally, a combination of random and alternating patterns to ensure that no data can be reconstructed.
5: IEEE 2883-2022
IEEE 2883-2022 is a standard established by the Institute of Electrical and Electronics Engineers (IEEE) outlining secure data sanitization methods. This standard is particularly relevant in the context of modern storage technologies, including hard disk drives (HDDs) and solid-state drives (SSDs), and it focuses on ensuring the complete removal of data to protect privacy and security.
The IEEE 2883-2022 standard is designed to accommodate a variety of use cases and industries, including government, military, and enterprise environments. It provides both technical guidelines and best practices for securely disposing of data, ensuring that data sanitization methods meet high-security standards.
The standard recognizes that data sanitization can be approached through different methods, depending on the security requirements, the type of storage device, and the intended reuse or disposal of the device.
IEEE 2883-2022 Data Sanitization Methods
Clear
The Clear method refers to logical techniques to overwrite data, ensuring that it is no longer accessible by conventional means. This is suitable for devices that will be reused within a secure environment.
The data is overwritten with zero and random data that makes the original data. However, this method does not provide a high enough level of security for highly sensitive data.
Purge
The Purge method is more secure than clear, as it involves the use of more advanced techniques to ensure that data cannot be recovered, even with sophisticated forensic tools.
This method can be applied to both hard drives and solid-state drives (SSDs) and is intended for devices that are being decommissioned or transferred out of a secure environment.
The drive is overwritten with multiple passes, often combined with cryptographic erasure or other advanced techniques, to ensure the data is completely erased and irrecoverable.
Destroy
The Destroy method is the most secure method for data sanitization outlined in IEEE 2883-2022, involving physical destruction like shredding, crushing, or incineration of the storage device to ensure no data can be recovered, even with the sophisticated recovery methods.
Risks of Improper Data Wiping
Data Breaches: If a device is not properly wiped before disposal or resale, sensitive information can be recovered using data recovery tools. This can lead to unauthorized access to personal, corporate, or confidential data, leading to identity theft or fraud.
Legal & Compliance Violations: Enterprises have strict data protection regulations like GDPR, HIPAA, and PCI DSS that need proper data disposal; failing to comply with them can lead to hefty fines, lawsuits, and reputational damage.
Loss of Trust: When a company fails to protect customer data and it gets exposed, its reputation can be severely damaged, leading to customer distrust and loss of business.
Conclusion
Even though manual crushing is a common approach to data disposal, if you are an SMB with limited resources, data wiping is an effective way to repurpose or retire the device while adhering to stringent compliance standards and laws with proof.
While physical destruction can contribute to carbon emissions in large-scale organizations, data wiping and recycling offer an easier and more efficient alternative.
