SEARCH

The How-To Geek Forums Have Migrated to Discourse

How-To Geek Forums / Geek Stuff

laws concerning data wiping

(13 posts)
  • Started 1 year ago by nharp0386
  • Latest reply from ProstheticHead
  • Topic Viewed 748 times

nharp0386
nharp0386
Posts: 145

I was recently reading about laws/mandates/regulations concerning data wiping, such as HIPAA and PIPEDA. I've also read about various data wiping utilities being compliant or noncompliant with these laws (DBAN, for example, is apparently non-compliant). I even ran across xxxxxxx.

I'm confused though... what exactly does all this mean? I've gotten the impression that it is something that mainly affects corporations whose computers might contain sensitive data, but I also read something about needing to wipe your HDD in a compliant manner if you wish to donate your old PC. What do these laws mean to me and my personal computer use?

Is it illegal to use a noncompliant utility to wipe my HDD?

Thanks!

Edit by mod. Direct download links are strictly forbidden here.

Posted 1 year ago
Top
 
nharp0386
nharp0386
Posts: 145

Just saw the edit... sorry about that.

Posted 1 year ago
Top
 
ispalten
ispalten
Posts: 6259

Are you sure you are talking about 'laws'' vs. mandates or regulations?

From your link :

==============
It should be noted that DBAN does not comply with mandates such as HIPAA or Sorbanes-Oxley,
==============

Government and businesses usually have much more stringent requirements for 'cleaning' a disk than a home user...

Again, from your link :

===============
For most home users DBAN should be fine to use for the purpose of making personal data impossible to recover from an old hard drive.
===============

It might be 'laws' though, but they pertain to the loss of data and responsibility I think?

Check this LINK though.

Irv S.

Posted 1 year ago
Top
 
nharp0386
nharp0386
Posts: 145

To be honest, ispalten, I'm not sure. I hadn't heard of any of this until very recently. I'm still confused as to what this all means; do these laws/mandates/regulations only really apply to businesses whose computers may contain sensitive data, or is it illegal for home users to wipe data in a manner that is not compliant with these laws/mandates/regulations?

Posted 1 year ago
Top
 
vistamike
vistamike
Posts: 10945
 
nharp0386
nharp0386
Posts: 145

I'm still a bit confused though... is it legal for a home user to wipe their data in a manner that is not compliant with these laws/regulations/mandates?

Posted 1 year ago
Top
 
Lighthouse
Lighthouse
Posts: 13598

Yes, but depends on the data.

Posted 1 year ago
Top
 
nharp0386
nharp0386
Posts: 145

What sort of data would it be illegal to wipe in a noncompliant manner?

Posted 1 year ago
Top
 
Lighthouse
Lighthouse
Posts: 13598

If you have details on members on databases for a club, or society, that you no longer work for/with, for example.

Posted 1 year ago
Top
 
nharp0386
nharp0386
Posts: 145

Really? Would that only be if you were donating the drive (or otherwise transferring ownership of it), or would it be illegal to use a non-compliant data wiping utility on a drive with such data even if you were keeping the drive yourself or disposing of it (or even destroying it)?

Posted 1 year ago
Top
 
ispalten
ispalten
Posts: 6259

I still don't think it is a 'law', hence illegal? I think if data WERE recovered from the drive and 'losses' happened because you didn't wipe it correctly, you could be held liable? It is all about taking the proper precautions and protection.

I guess if you were a CIA agent and had sensitive data on YOUR personal computer, wiped the drive in a non-recommended method, sold the computer, and someone retrieved the sensitive data off of it, and it was discovered the data was compromised because of what you did, you could be in BIG trouble. If on the other hand it was just your social security number that was there, wiped in the non-preferred method, sold, and someone got that SS number and did some identity theft with it, even if discovered how they got the number, nothing might happen? Who knows... Of course, I am NOT a Lawyer either.

Worried, consult a Lawyer, don't trust us.

Irv S.

Posted 1 year ago
Top
 
bobro
bobro
Posts: 384

I had a friend tell me a story, not too related, about when he went to the tip and got a laptop that worked from there. he got it home and it had rudy pics of some girl that lived a few doors down from him... always wipe HDDs people!

Posted 1 year ago
Top
 
ProstheticHead
ProstheticHead
Posts: 3281

@Bobro, I had a similar experience with a laptop that was traded in at the place I used to work. They'd made no attempt whatsoever to wipe the data, it booted straight to the desktop after we'd removed the password, and low and behold we found dozens of very, very naughty pictures of the previous owner (much to the amusement of my colleagues, I might add). It turned out the laptop had been stolen, so it was immediately handed over to the police.

So yeah. Encrypt your hard drives people, please!!

Posted 1 year ago
Top
 



Topic Closed

This topic has been closed to new replies.