Data Destruction Policy

CSU Bakersfield Policy

 
 
Document Number:
ITS-90.008
Responsible Office:
Information Technology Services
Primary Author:
CIO & AVP of Information Technology
Last Revision Date:
6/9/2022
Effective Date:
1/1/2016

Purpose:

Purpose of the policy is to safeguard CSUB data by removing or destroying information for computers or equipment that is either being redeployed or surplussed. 

Scope:

Applies to all employees and data classified as either Level 1 or Level 2.
It is the policy of CSUB Information Technology Services to remove and/or destroy all institutional data from any computer storage device prior to redeployment or removing equipment from campus operation via either surplus or disposal.
 
The primary reason for this is a concern for confidential, high risk data and software programs that may be on the computers. All computers released by campus departments must pass through an ITS standard disk wiping process before they can be redeployed, sold, donated or disposed of via the survey process.
This policy shall be reviewed every two years by the Chief Information Security Officer and provided to the Associate Vice President & CIO for approval.