Data Sanitization. All CDPH PCI must be sanitized using NIST Special Publication 800-88 standard methods for data sanitization when the CDPH PCI is no longer needed.
Data Sanitization. At termination of the Contact, regardless of the reason for termination, the Contractor will return all data owned by the Customer in a standard electronic format of the Customer’s choosing. This shall be done no later than 30 days after termination of the Contract. Once all data has been returned and accepted by the Customer, the Contractor shall erase, destroy, and render unrecoverable all Customer-owned data and certify in writing that these actions have been completed and that destruction has been performed according to National Institute of Standards and Technology, Special Publication 800-88, “Guidelines for Media Sanitization” (2006). This shall be done within 14 days of acceptance of the data by the Customer.
Data Sanitization. At termination of the Contact, regardless of the reason for termination, the Contractor will return all data owned by the Customer in a standard electronic format of the Customer’s choosing. This shall be done no later than 30 days after termination of the Contract. Once all data has been returned and accepted by the Customer, the Contractor shall erase, destroy, and render unrecoverable all Customer-owned data and certify in writing that these actions have been completed and that destruction has been performed according to National Institute of Standards and Technology, Special Publication 800-88, “Guidelines for Media Sanitization” (2006). This shall be done within 14 days of acceptance of the data by the Customer. Notwithstanding the foregoing and Section 7, H. and I. (Security Acknowledgement), Contractor shall be permitted to maintain one archival copy of Customer-owned data for the period designated by the Customer’s retention records schedule, xxxx://xxxx.xxx.xxxxx.xx.xx/recordsmgmt/gen_records_schedules.cfm.
Data Sanitization. All Protected Data must be sanitized using NIST Special Publication 800-88 standard methods for data sanitization when the CDPH PSCI is no longer needed.
Data Sanitization. All DSH PCI must be sanitized using NIST Special Publication 800-88 standard methods for data sanitization when the DSH PCI is no longer needed.
Data Sanitization. At the end of a project covered by a SOW, the Vendor will return all State Data to the State or securely dispose of all State Data in all forms, this can include State Data on media such as paper, punched cards, magnetic tape, magnetic disks, solid state devices, or optical discs. This State Data must be permanently deleted by either purging the data or destroying the medium on which the State Data is found according to the methods given in the most current version of National Institute of Standards and Technology (NIST) Special Publication 800-88. The Vendor must complete and provide to the State point of contact a completed Certificates of Sanitization for Offsite Data, attached to this MSA as Attachment A. The State will review the completed Certificates of Sanitization for Offsite Data. If the State is not satisfied by the data sanitization, then the Vendor will use a method that does satisfy the State. This contract clause remains in effect for as long as the Vendor, and the Vendor’s subcontractors, agents, assigns, and affiliated entities have the State Data, even after the MSA or any SOW is terminated or the project is completed.
Data Sanitization. At the end of the project covered by this Agreement the Vendor, and Vendor’s subcontractors, agents, assigns, and affiliated entities will return the State Data or securely dispose of all State Data in all forms, this can include State Data on media such as paper, punched cards, magnetic tape, magnetic disks, solid state devices, or optical discs. This State Data must be permanently deleted by either purging the data or destroying the medium on which the State Data is found according to the methods given in the most current version of NIST 800-88. Certificates of Sanitization for Offsite Data (See xxx.xx.xxx/xxxxxx/xxxxxxx.xxxx for copy of certificate) must be completed by the Vendor and given to the State contact. The State will review the completed Certificates of Sanitization for Offsite Data. If the State is not satisfied by the data sanitization then the Vendor will use a process and procedure that does satisfy the State. This contract clause remains in effect for as long as the Vendor, and Vendor’s subcontractors, agents, assigns, and affiliated entities have the State Data, even after the Agreement is terminated or the project is completed.
