Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Parted magic / Secure Erase  (Read 5372 times)

0 Members and 1 Guest are viewing this topic.

Mjryan37

    Topic Starter


    Newbie

    • Experience: Familiar
    • OS: Windows 7
    Parted magic / Secure Erase
    « on: September 11, 2013, 06:05:47 PM »
    I work for a small ompany that occasionally receives computers that have Protected Health Information (PHI).  Our current process is using DBAN or Killdisk to do a three pass overwrite and verification pass (DoD 5220 M).  I am wondering if anyone else has experience with how to erase hard drives in a way that complies with all government regulations?  We are going to be a covered entity which exposes us to external govt audits.

    I've done a lot of research and issuing the secure erase command (built in to all ATA drives since 2001) is both faster and more efficient than ANY block overwrote utility.  It even says so in the NIST SP 800-88 document titled "Guidelines for Media Sanitization."  However, it  DOES NOT reccomend a specific program to issue the command with.  So far I've
    Found two that are free, HDDErase 4.0 and Parted Magic.  Does anyone know if using freeware programs to issue SE is HIPAA/HITECH compliant ?  I've seen one other software program (Blancco) that costs money but it explicitly states it complies with all govt standards.  It also is capable
    Of keeping detailed records for audit purposes.

    Does anyone know which governing body establishes the rules for wiping HDDs with PHI on them.  I assume it is the NIST but I am no legal expert. 

    Geek-9pm


      Mastermind
    • Geek After Dark
    • Thanked: 1004
      • Gekk9pm bnlog
    • Certifications: List
    • Computer: Specs
    • Experience: Expert
    • OS: Windows XP
    Re: Parted magic / Secure Erase
    « Reply #1 on: September 11, 2013, 07:51:57 PM »
    No. 8)
     How would anybody who does free software pay for a -
    government certification?
    But, maybe you could contact these people a end ask for a free sample.
    http://www.eraser.com/eraser-certification-program/
    http://www.cyberscrub.com/topics/certified_file_deletion.php
    http://www.whitecanyon.com/wipedrive-niap-certification

    What happens to the drives after your wipe them clean? Are the drives resold?
    What does your insurance company say?

    Mjryan37

      Topic Starter


      Newbie

      • Experience: Familiar
      • OS: Windows 7
      Re: Parted magic / Secure Erase
      « Reply #2 on: September 11, 2013, 08:22:19 PM »
      The Drives are scrapped NOT RESOLD.  Do you have experience using secure erase?  It was developed by the center for magnetic recording research and sponsored by the NSA so essentially it was a govt funded program and that's why their tool (HDDERASE.exe) is FREE.  Other utilities cost money for additional features.  Hirens boot CD is free and it includes both methods of secure erase (hdparm).  Parted magic used to be free but now it's $4.99 but its got a whole bunch of other programs on it as well. 

      I like this site's explanation best.
      http://www.esecurityplanet.com/windows-security/how-to-securely-delete-data-from-hard-drives.html

      Do you  or anyone else know if the NIST Special Publication 800-88 is what "officially" establishes the guidelines for hard drive sanitization to comply with HIPAA?  Which govt body/organization establishes the
      Methods of purging PHI data from hard drives?

      patio

      • Moderator


      • Genius
      • Maud' Dib
      • Thanked: 1725
        • Yes
      • Experience: Beginner
      • OS: Windows 7
      Re: Parted magic / Secure Erase
      « Reply #3 on: September 11, 2013, 09:17:09 PM »
      I personally seriously doubt any Freeware app would pass and /or qualify  under the constraints you have laid out...
      It's the Government...think about that for a second...

      P.S. Any reason you need to know this info ? ?  'cause it's readily available...
      " Anyone who goes to a psychiatrist should have his head examined. "

      Geek-9pm


        Mastermind
      • Geek After Dark
      • Thanked: 1004
        • Gekk9pm bnlog
      • Certifications: List
      • Computer: Specs
      • Experience: Expert
      • OS: Windows XP
      Re: Parted magic / Secure Erase
      « Reply #4 on: September 12, 2013, 07:55:30 PM »
      If the drives are into be scrapped, erasing them is pointless.  The platters are soft material and can be readily mutilated beyond recovery of data.

      Quote
      ...Liquid Technology’s secure data destruction services meet or exceed all industry-specific regulations, including:
          FACTA (Fair and Accurate Credit Transactions Act)
          GLB (Gramm-Leach Bliley) – banking and financial institutions
          HIPPA (Health Insurance Portability and Accountability Act) – the healthcare industry
          PCI DSS (PCI Data Security Standard)
          SOX (The Sarbanes-Oxley Act)
          CAL SB1386 (The California Information Practice Act)
      EDIT: This is not a recommendation. You can find 'Liquid Technology'  and similar companies in a Google search. The have a short video on the web site.  They just  grind drives to to bits, no data recovery possible.

      Computer_Commando



        Hacker
      • Thanked: 494
      • Certifications: List
      • Computer: Specs
      • Experience: Expert
      • OS: Windows 10
      Re: Parted magic / Secure Erase
      « Reply #5 on: September 13, 2013, 12:14:53 PM »
      If the drives are into be scrapped, erasing them is pointless.  The platters are soft material and can be readily mutilated beyond recovery of data...
      DoD used to require both.  It has been changed.
      http://www.destructdata.com/dod-5220-erasure-standard.html
      "...As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable..."

      Geek-9pm


        Mastermind
      • Geek After Dark
      • Thanked: 1004
        • Gekk9pm bnlog
      • Certifications: List
      • Computer: Specs
      • Experience: Expert
      • OS: Windows XP
      Re: Parted magic / Secure Erase
      « Reply #6 on: September 13, 2013, 12:28:05 PM »

      Computer_Commando, thanks for the link and clarification.

      Can you take  an old are welder for degaussing (magnetically erase) a hard drive?