What is NIST 800-88?
- Definition
- NIST Special Publication 800-88 is the U.S. government standard for media sanitization, providing guidelines for securely erasing data from storage devices before disposal or reuse.
NIST Special Publication 800-88, titled "Guidelines for Media Sanitization," is published by the National Institute of Standards and Technology. It is the most widely referenced standard for data destruction in the United States and provides a framework for choosing appropriate sanitization methods based on the confidentiality level of the data.
The standard defines three levels of sanitization: Clear (logical overwriting suitable for reuse within the organization), Purge (more thorough methods like cryptographic erase or degaussing for external reuse), and Destroy (physical destruction rendering the media completely unusable).
For businesses retiring IT equipment, NIST 800-88 compliance means using documented, verifiable methods to ensure data cannot be recovered. A compliant data destruction process includes selecting the appropriate sanitization method, verifying the erasure, and documenting the entire process with certificates of destruction. This documentation is critical for demonstrating compliance with regulations like HIPAA, PCI-DSS, and SOX.
Need Help with NIST 800-88?
Our team can answer your questions and help you find the right solution for your organization.