The goal of a Data Retention Policy is to ensure data is secured for a reasonable amount of time to protect both the employee and the university. When there is a system upgrade/re-install, new installation or employee separation from the university, the data must be maintained in an undisturbed state. This is necessary to ensure data recovery if an employee needs a critical file that was not backed up or in order to respond to legal action. Storage Media will be stored :
- 90 days after an in-place* upgrade, in-place* re-install, or new system install
- 120 days after employee separation
During a new system install, in-place* upgrade or system restore, users data must be backed up and transferred with the goal of minimizing the possibility of data loss and ensuring the customer is operational as quickly as possible. This should be achieved by having a pre-configured/imaged drive that is swapped inplace of the existing drive, and data transferred from a backup of the original drive. The general procedure is as follows:
- techs will create an image backup of the original drive.
- remove the original drive and install a new drive in the system.
- an alternative method can take an image of the drive, however, in the case of employee seperation the image must be a forensic based image. Please contact the ISO for instructions.
- install the OS or image the new drive in the system.
- The drive should be pre-configured / imaged in advance if possible.
- once the system is setup with the new OS, data transfer can occur from the image of the original drive.
- The original drive should not be used and is kept as a backup.
- after the 90 days, the original drive may be re-purposed after a zero fill operation (minimum of 3 writes) and re-format is performed.
- for images of drives, techs will delete the images from the file system using a method that ensures the image/data is not recoverable using data recovery software. One suggestion could be to use the 'shred' feature in software such as Identity Finder.
Disposition of Drives
Disposition of Drives must ensure data is not recoverable and that the media is not usable to ensure accidental disclosure of PII/PHI data does not occur. All systems must have the drives taken to the Information Security Office for Degaussing before disposal of the drives.
*inplace upgrades are not done on the original drive, instead a new drive is installed and then the operating system is installed on the new drive.