Data Sanitization
Data Sanitization shall be, at a minimum, in conformance with the protocols defined in the National Industrial Security Program (NIST) Publication 800-88, Rev. 1 – Guidelines for Data Sanitization and any applicable privacy laws or regulations, including but not limited to FACTA, HIPAA, Sarbanes-Oxley and the Gramm-Leach-Bliley Act.
For data erasure of physical media, Green Owl Tech Recycling uses White Canyon WipeDrive Enterprise which has obtained EAL 2+ Certification on a data erasure security target and received evaluation by a Common Criteria certified lab. This rigorous certification is the most comprehensive certification currently available and is an international standard for computer security certification managed by 30 member countries.
WipeDrive's NIAP Certification means that it complies with all of the following U.S. and international disk wiping standards:
​
-
Common Criteria EAL 2+
-
US DoD 5220.22-M
-
Meets the Common Criteria Evaluation and Validation Scheme
-
FACTA standards
-
Sarbanes-Oxley
-
US Army AR380-19
-
US Air Force System Security Instruction 5020
-
US Navy Staff Office Publication P-5329-26
-
US National Computer Security Center TG-025
-
NATO NIAPC
-
GB HMG Infosec Standard #5 Baseline
-
GB HMG Infosec Standard #5 Enhanced
-
German VSITR
-
Australian Defense Signals Directorate ACSI-33(X0-PD)
-
Australian Defense Signals Directorate ACSI-33(X1-P-PD)
-
Canadian RCMP TSSIT OPS-II Standard Wipe
-
CIS GOST P50739-95
-
CSEC ITSG-06
-
Standard single pass overwrite
​
Physical media that cannot be erased, or reused, or when directed by Customer, will be domestically recycled by GOTR through its de- manufacturing and shredding process, using a National Security Agency (NSA)-approved commercial hard drive shredder in compliance with Department of Defense (DoD) 5220.22M such that no Data can be recovered.
