The IT Law Wiki
in: Security, Data, Definition

Purging

Sign in to edit

Definitions[]

Purging information is

a media sanitization process that protects the confidentiality of information against a laboratory attack.[1]
[t]he removal of sensitive data from an AIS at the end of a period of processing, including from AIS storage devices and other peripheral devices with storage capacity, in such a way that there is assurance, proportional to the sensitivity of the data, that the data may not be reconstructed through open-ended laboratory techniques. An AIS must be disconnected from any external network before a purge.[2]

Purging of records is

[t]he removal and/or destruction of records because they are deemed to be of no further value or further access to the records would serve no legitimate government interest.[3]

Overview[]

There are three general methods of purging media:

References[]

  1. NIST Special Publication 800-88, at 8.
  2. A Guide to Understanding Data Remanence in Automated Information Systems.
  3. Baseline Capabilities for State and Major Urban Area Fusion Centers, at 52.

See also[]

Community content is available under CC-BY-SA unless otherwise noted.