Implements NIST SP 800-88 Rev. 1 media sanitization procedures: Clear, Purge, Destroy for all media types. Covers certificates of destruction, verification, vendor management, chain of custody.
npx claudepluginhub mukul975/privacy-data-protection-skills --plugin privacy-skills-completeThis skill uses the workspace's default tool permissions.
Secure data destruction ensures that personal data is rendered permanently irrecoverable when retention periods expire, assets are decommissioned, or erasure is required. NIST Special Publication 800-88 Revision 1 (Guidelines for Media Sanitization) provides the authoritative framework for sanitization methods. This skill covers the three sanitization levels (Clear, Purge, Destroy), media-speci...
Conducts multi-round deep research on GitHub repos via API and web searches, generating markdown reports with executive summaries, timelines, metrics, and Mermaid diagrams.
Dynamically discovers and combines enabled skills into cohesive, unexpected delightful experiences like interactive HTML or themed artifacts. Activates on 'surprise me', inspiration, or boredom cues.
Generates images from structured JSON prompts via Python script execution. Supports reference images and aspect ratios for characters, scenes, products, visuals.
Secure data destruction ensures that personal data is rendered permanently irrecoverable when retention periods expire, assets are decommissioned, or erasure is required. NIST Special Publication 800-88 Revision 1 (Guidelines for Media Sanitization) provides the authoritative framework for sanitization methods. This skill covers the three sanitization levels (Clear, Purge, Destroy), media-specific procedures, certificate of destruction generation, verification requirements, and vendor management for outsourced destruction services.
Defines three levels of media sanitization:
Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Secure destruction is the final step in the data lifecycle security chain.
Equipment containing storage media shall be verified to ensure that any sensitive data and licensed software has been removed or securely overwritten prior to disposal or re-use.
The ICO recommends that organisations ensure personal data is disposed of securely, whether in electronic or paper form, and that appropriate verification is conducted to confirm destruction.
European standard for organizations providing secure destruction services, including requirements for personnel, premises, equipment, and processes.
The appropriate sanitization method depends on the confidentiality level of the data and the future disposition of the media:
[Media Contains Personal Data?]
│
├── No ──► Standard disposal (no sanitization required)
│
└── Yes ──► [Confidentiality Classification?]
│
├── Standard Personal Data
│ └── [Media Disposition?]
│ ├── Reuse within org ──► CLEAR
│ ├── Reuse external ──► PURGE
│ └── Disposal ──► DESTROY
│
├── Special Category Data (Art. 9)
│ └── [Media Disposition?]
│ ├── Reuse within org ──► PURGE
│ ├── Reuse external ──► DESTROY
│ └── Disposal ──► DESTROY
│
└── Highly Sensitive (financial, security, legal)
└── DESTROY (regardless of disposition)
| Media Type | CLEAR | PURGE | DESTROY |
|---|---|---|---|
| HDD (magnetic) | ATA Secure Erase (single pass overwrite with fixed pattern) | ATA Secure Erase Enhanced (multiple pass with verification); Degaussing with NSA/CESG-approved degausser | Physical destruction: shredding (particle size ≤ 2mm), disintegration, incineration, or smelting |
| SSD / Flash | ATA Secure Erase (vendor implementation) | ATA Sanitize Block Erase or Crypto Erase (if SED); NVMe Format with Crypto Erase | Physical destruction: shredding (particle size ≤ 2mm), disintegration, incineration |
| Magnetic tape | Overwrite entire tape with fixed pattern (single pass) | Degaussing with NSA/CESG-approved degausser rated for tape coercivity | Physical destruction: shredding, incineration |
| Optical media (CD/DVD/Blu-ray) | Not applicable (WORM media) | Not applicable (WORM media) | Physical destruction: shredding (particle size ≤ 0.5mm), incineration |
| USB flash drives | ATA Secure Erase (if supported) | Crypto Erase (if SED); vendor-specific sanitize command | Physical destruction: shredding, disintegration |
| Mobile devices | Factory reset + encryption verification | Crypto Erase (full-device encryption key destruction) | Physical destruction: shredding |
| Paper documents | Not applicable | Not applicable | Cross-cut shredding (DIN 66399 P-4 minimum; P-5 for special category data); incineration |
| Virtual machines / cloud instances | Delete VM and associated disks; verify deallocation | Crypto Erase (destroy encryption keys); vendor-certified sanitization | Request destruction certificate from cloud provider (limited availability) |
| Level | Particle Size | Use Case |
|---|---|---|
| P-1 | ≤ 12mm strips | General, non-personal documents |
| P-2 | ≤ 6mm strips | Internal documents, low sensitivity |
| P-3 | ≤ 2mm strips or 320mm² particles | Personal data (standard) |
| P-4 | ≤ 160mm² particles (max 6mm width) | Minimum for GDPR personal data |
| P-5 | ≤ 30mm² particles (max 2mm width) | Special category data, financial data |
| P-6 | ≤ 10mm² particles (max 1mm width) | Classified, intelligence-grade |
| P-7 | ≤ 5mm² particles (max 1mm width) | Top secret, maximum security |
PROCEDURE: IN-HOUSE ELECTRONIC MEDIA SANITIZATION
Organization: Orion Data Vault Corp
Procedure ID: SEC-DEST-001
1. ASSET IDENTIFICATION
- Record asset tag, serial number, media type, capacity
- Record data classification level
- Record owning department and data categories stored
- Verify no active litigation hold applies (check litigation hold register)
2. CHAIN OF CUSTODY
- Collect media from originating department with signed handover form
- Transport in sealed, tamper-evident container
- Log receipt in destruction register with timestamp and receiving officer
3. SANITIZATION EXECUTION
a. Select sanitization method per decision framework above
b. For CLEAR:
- Execute ATA Secure Erase / vendor secure erase command
- Log start time, end time, tool used, firmware version
c. For PURGE:
- Execute degaussing (record degausser model, field strength, pass count)
- OR execute Crypto Erase (record key destruction confirmation)
- OR execute ATA Sanitize command (record command type and completion)
d. For DESTROY:
- Transfer to destruction equipment (shredder, disintegrator)
- Execute destruction (record equipment model, particle size achieved)
- Collect destroyed material in secure waste container
4. VERIFICATION
- For CLEAR/PURGE: Attempt to read data from sanitized media using forensic tools
- Verification must be performed by a different individual than the one who executed sanitization
- For DESTROY: Visual inspection to confirm media is physically irrecoverable
- Record verification result (PASS/FAIL)
- If FAIL: Escalate to next sanitization level
5. DOCUMENTATION
- Generate Certificate of Destruction (see template below)
- Update asset register to mark asset as destroyed/sanitized
- File certificate in destruction records (retain for 7 years)
PROCEDURE: THIRD-PARTY DESTRUCTION SERVICE MANAGEMENT
Organization: Orion Data Vault Corp
Procedure ID: SEC-DEST-002
1. VENDOR QUALIFICATION (pre-engagement)
- Verify EN 15713:2009 certification (or equivalent)
- Verify ISO 27001:2022 certification
- Verify ADISA (Asset Disposal & Information Security Alliance) certification
- Review vendor's data processing agreement (Art. 28 GDPR)
- Conduct on-site audit of destruction facility
- Verify insurance coverage (minimum £5M professional indemnity)
- Verify DBS checks on all personnel handling media
2. PRE-COLLECTION PREPARATION
- Complete asset inventory of items for destruction
- Seal items in tamper-evident containers
- Affix unique tracking barcode to each container
- Generate collection manifest listing all assets by serial number
3. COLLECTION AND TRANSPORT
- Vendor arrives with GPS-tracked, locked vehicle
- Verify driver identity against pre-approved personnel list
- Hand over sealed containers with signed collection manifest
- Retain copy of collection manifest
4. DESTRUCTION EXECUTION (at vendor facility)
- Option A: On-site destruction (vendor brings mobile shredder)
- Orion Data Vault Corp representative witnesses destruction
- Video recording of destruction process
- Option B: Off-site destruction (at vendor facility)
- GPS tracking of vehicle to vendor facility
- Video evidence of destruction provided within 24 hours
5. CERTIFICATE OF DESTRUCTION
- Vendor provides Certificate of Destruction within 5 business days
- Certificate must include: asset serial numbers, destruction method, particle size,
date/time, location, personnel involved, verification method
- Cross-reference certificate against collection manifest (100% match required)
6. ANNUAL VENDOR AUDIT
- Annual on-site audit of vendor facility and processes
- Review vendor's incident register
- Verify continued certification compliance
- Review subcontractor arrangements (if any)
═══════════════════════════════════════════════════════════════
CERTIFICATE OF DESTRUCTION
Orion Data Vault Corp
═══════════════════════════════════════════════════════════════
Certificate Number: COD-2026-0087
Date of Destruction: 2026-03-14
Location: Orion Data Vault Corp — Secure Destruction Room B2
REQUESTING DEPARTMENT: IT Operations
AUTHORISED BY: [Information Security Manager Name]
DATA PROTECTION OFFICER APPROVAL: [DPO Name] — Approved 2026-03-12
ASSETS DESTROYED:
┌────────────┬──────────────┬──────────┬──────────┬───────────────┬──────────────┐
│ Asset Tag │ Serial No. │ Type │ Capacity │ Data Class. │ Method │
├────────────┼──────────────┼──────────┼──────────┼───────────────┼──────────────┤
│ OD-SRV-441 │ WD-2TB-A8F21 │ HDD 3.5" │ 2 TB │ Special Cat. │ DESTROY │
│ OD-SRV-442 │ WD-2TB-A8F22 │ HDD 3.5" │ 2 TB │ Special Cat. │ DESTROY │
│ OD-LAP-219 │ SM-512-C3E01 │ SSD M.2 │ 512 GB │ Standard PD │ PURGE+DESTROY│
│ OD-USB-088 │ KN-64G-D1F03 │ USB Flash│ 64 GB │ Standard PD │ DESTROY │
│ OD-TAP-017 │ LT-8TB-E2G04 │ LTO-8 │ 12 TB │ Financial │ DESTROY │
└────────────┴──────────────┴──────────┴──────────┴───────────────┴──────────────┘
SANITIZATION DETAILS:
- Method: Physical destruction via industrial shredder (model: HSM Powerline FA 500.3)
- Particle size achieved: 2mm (compliant with DIN 66399 E-4 / H-5)
- Pre-destruction purge: Degaussing performed on HDDs and tape (Verity Systems V94 DG,
field strength: 1.2 Tesla, 2 passes)
VERIFICATION:
- Post-shredding inspection: PASS — no intact media fragments exceeding particle size spec
- Verified by: [Security Officer Name] — independent of destruction operator
- Photographic evidence: Retained in destruction records (file: COD-2026-0087-photos.zip)
WASTE DISPOSAL:
- Destroyed material transferred to licensed WEEE recycler
- Recycler: [Licensed Recycler Name], License No: [WEEE License]
- Transfer note reference: WTN-2026-0087
CHAIN OF CUSTODY:
- Collected from: Server Room A (Rack 14) by [IT Technician Name]
- Collection date: 2026-03-13
- Stored in: Secure Destruction Staging Area (locked, access-controlled)
- Destruction witnessed by: [Security Officer Name]
CERTIFICATION:
I certify that the assets listed above have been destroyed in accordance
with NIST SP 800-88 Rev. 1 guidelines and Orion Data Vault Corp
Secure Destruction Procedure SEC-DEST-001.
Destruction Operator: _________________________ Date: 2026-03-14
Verification Officer: _________________________ Date: 2026-03-14
DPO Acknowledgement: _________________________ Date: __________
═══════════════════════════════════════════════════════════════
RETAIN THIS CERTIFICATE FOR 7 YEARS
Next review: 2033-03-14
═══════════════════════════════════════════════════════════════
| Requirement | Standard | Evidence Required |
|---|---|---|
| Information security management | ISO/IEC 27001:2022 | Current certificate from accredited body |
| Secure destruction services | EN 15713:2009 | Current certificate |
| Asset disposal security | ADISA certification | Current ADISA certificate with relevant claim level |
| Data processing agreement | GDPR Art. 28 | Signed DPA covering destruction as processing activity |
| Personnel security | DBS/vetting checks | Confirmation that all personnel with access to media are vetted |
| Insurance | Professional indemnity | Certificate of insurance (minimum £5M) |
| Environmental compliance | WEEE Regulations 2013 | Waste carrier license; evidence of WEEE-compliant recycling |
| Business continuity | Operational resilience | BCP documentation; alternative facility available |
| Incident management | Breach notification capability | Documented incident response procedure; 24-hour notification commitment |
| Transport security | Secure logistics | GPS-tracked vehicles; locked and alarmed compartments |
| Metric | Target | Measurement |
|---|---|---|
| Certificate of destruction delivery time | Within 5 business days of destruction | Per engagement |
| Collection scheduling reliability | Within agreed collection window (±2 hours) | Per collection |
| Asset inventory accuracy | 100% match between manifest and certificate | Per engagement |
| Incident count | Zero security incidents | Annual |
| Certification maintenance | All certifications current | Annual check |
| Audit findings | Zero critical or major findings | Annual audit |
| Record | Retention Period | Storage |
|---|---|---|
| Certificate of Destruction | 7 years from destruction date | Secure document management system (encrypted) |
| Collection manifests | 7 years from collection date | Filed with associated certificate |
| Chain of custody logs | 7 years from destruction date | Filed with associated certificate |
| Photographic/video evidence | 3 years from destruction date | Secure encrypted storage |
| Vendor audit reports | 7 years from audit date | Vendor management file |
| Vendor DPA | Duration of relationship + 6 years | Legal records |