Data Destruction. When no longer needed, all County PHI or PI must be cleared, purged, or destroyed consistent with NIST Special Publication 800-88, Guidelines for Media Sanitization such that the PHI or PI cannot be retrieved.
Data Destruction. Contractor(s) and Vendor(s) that have maintained, processed, or stored the County of Los Angeles’ (“County”) data and/or information, implied or expressed, have the sole responsibility to certify that the data and information have been appropriately destroyed consistent with the National Institute of Standards and Technology (NIST) Special Publication SP 800-88 titled Guidelines for Media Sanitization. Available at: xxxx://xxxx.xxxx.xxx/publications/PubsDrafts.html#SP-800-88 Rev.%201 The data and/or information may be stored on purchased, leased, or rented electronic storage equipment (e.g., printers, hard drives) and electronic devices (e.g., servers, workstations) that are geographically located within the County, or external to the County’s boundaries. The County must receive within ten (10) business days, a signed document from Contractor(s) and Vendor(s) that certifies and validates the data and information were placed in one or more of the following stored states: unusable, unreadable, and indecipherable. Vendor shall certify that any County data stored on purchased, leased, or rented electronic storage equipment and electronic devices, including, but not limited to printers, hard drives, servers, and/or workstations are destroyed consistent with the current National Institute of Standard and Technology (NIST) Special Publication SP-800-88, Guidelines for Media Sanitization. Vendor shall provide County with written certification, within ten (10) business days of removal of any electronic storage equipment and devices that validates that any and all County data was destroyed and is unusable, unreadable, and/or undecipherable.
Data Destruction. When no longer needed, all DHCS PHI or PI must be cleared, purged, or destroyed consistent with NIST Special Publication 800-88, Guidelines for Media Sanitization such that the PHI or PI cannot be retrieved.
Data Destruction. 9.17.7.1 When Subrecipient has maintained, processed or stored County Information Assets, implied or expressed, and such County Information Assets are no longer required to be retained by Subrecipient under this Subaward and applicable law, County shall have sole authority to determine when Subrecipient shall destroy any such County Information Assets as described herein. Subrecipient shall only proceed with the destruction of County Information Assets (which may be stored on purchased, leased or rented electronic storage equipment (e.g., printers, hard drives, etc.) and electronic devices (e.g., servers, workstations, etc.) that are geographically located within Los Angeles County or external to Los Angeles County's boundaries) upon receiving written authorization from County.
Data Destruction. When no longer needed, all Department PHI or PI must be wiped using the Xxxxxxx or US Department of Defense (DoD) 5220.22-M (7 Pass) standard, or by degaussing. Media may also be physically destroyed in accordance with NIST Special Publication 800-88. Other methods require prior written permission of the Department Information Security Office.
Data Destruction. Vendor agrees that, upon termination or expiration of the Agreement, it shall erase, destroy, and render unreadable all FIU data from all computer systems and backups, and certify in writing that these actions have been completed within thirty (30) days of the termination of the Agreement or within seven
Data Destruction. When no longer needed, all PII must be cleared, purged, or destroyed consistent with NIST SP 800-88, Guidelines for Media Sanitization, such that the PII cannot be retrieved.
Data Destruction. Contractor(s) that have maintained, processed, or stored County of Los Angeles data and/or information, implied or expressed, have the sole responsibility to certify that the data and information have been appropriately destroyed consistent with the National Institute of Standards and Technology (NIST) Special Publication SP 800-88 titled Guidelines for Media Sanitization. Available at: xxxxx://xxxxxxx.xxxx.xxx/nistpubs/SpecialPublications/NIST.SP.800- 88r1.pdf The data and/or information may be stored on purchased, leased, or rented electronic storage equipment (e.g., printers, hard drives) and electronic devices (e.g., servers, workstations) that are geographically located within the County, or external to the County’s boundaries. The County must receive, within 20 business days of data destruction, a signed document from Contractor that certifies and validates the data and information containing PHI and PII were placed in one or more of the following stored states: unusable, unreadable, and indecipherable. Contractor shall certify that any County data stored on purchased, leased, or rented electronic storage equipment and electronic devices, including, but not limited to printers, hard drives, servers, and/or workstations are destroyed consistent with the current National Institute of Standard and Technology (NIST) Special Publication SP-800-88, Guidelines for Media Sanitization. Contractor shall provide County with written certification, within ten
Data Destruction. Electronic portable media (e.g. CD’s, hard drives, floppy disks, ZIP drives) which contained Intel Classified information must be disposed of in a secure manner (e.g. disk wipe to DOD 5220.22M standard, degauss or physical destruction). Hard copies of Intel Classified information must be disposed of by cross cut shredding or other secure destruction methods
Data Destruction. Prior to the termination of this Agreement, Recipient shall assist the Department or the applicable Customer in exporting and extracting or destroying, at the Department’s or the applicable Customer’s direction, all information obtained from the Department or the applicable Customer by Recipient or created for the Department or the applicable Customer by Recipient pursuant to this Agreement at no cost, in a format acceptable to the Department or the applicable Customer without the need to purchase additional services and/or commodities. Additionally, when the Agreement is terminated, Recipient shall transfer to the Department, or the Customer as applicable, all such information in all its forms from the Department or the applicable Customer and shall destroy duplicate records in accordance with section 501.171(8), F.S., and, if applicable, section 119.0701, F.S. This obligation to transfer and destroy information survives the term of this Agreement. Recipient shall adhere to established information destruction standards, such as those established by the National Institute of Standards and Technology Special Publication 800-88, “Guidelines for Media Sanitization” (2014), in destroying duplicate information provided by the Department or the applicable Customer. See xxxx://xxxxxxx.xxxx.xxx/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf. Recipient shall provide the Department, or the Customer as applicable, with written confirmation of destruction of Confidential Information in accordance with these standards. If Recipient is permitted by the Department or the applicable Customer to keep Confidential Information upon termination of this Agreement, Recipient shall continue to protect and maintain the confidentiality of the Confidential Information in accordance with applicable State and federal laws, rules, and regulations and such obligations set forth herein shall survive this Agreement.
