Please report any problems to wiki-admin(a)lists.wisc.edu or use our support form. For more info Shared Tools KB
Skip to end of metadata
Go to start of metadata

Media and Device Disposal and Reuse Policy

The current version of the policy is published at: https://kb.wisc.edu/itpolicy/  

The Media and Device Disposal and Reuse Policy requires that Restricted and Sensitive Data be removed or rendered unusable prior to disposal or reuse of media and devices.

The history of the policy is documented below. 

Recently Updated

 

Meeting Schedule

Relevant Future Meetings

  • None scheduled. As issues arise, please contact policy@cio.wisc.edu.
  • IDispose Meetings

Documents

Recent

Background

IDispose Policy

 

History

(tick)Milestones, (info)Items of particular interest

Date

Activity

11/23/16Updated wiki pages, text, links, etc. No change in the policy.
07/30/15 (tick) Rev A of 04/09/15 version published. See the IDispose Policy Archive folder for the differences between this and the 02/19/10 version.
06/10/15CISO approved Rev A of 2015-04-09 version for publication
04/24/15Updated wiki pages to conform to new format.
04/23/15Drafted Rev A of 04/09/15 version. Submitted for review and approval by CISO, per the 04/12 plan.
04/12/15

Three stage process proposed:

  1. Quickly: Do a minor revision of the policy to clarify the language and link to the procedures we already have readily  available. No UW-MIST review needed (only changes to policy are to use previously approved boilerplate policy language, and clarify some cases that were somewhat ambiguous.  CISO approval is sufficient (only standardizing and claifying language and changing procedures.)
  2. Short-term: Improve the mix of available procedures. UW-MIST review (to assure new procedures are practical.) CISO approval is sufficient (only changing procedures.)
  3. Longer-term: integrate the disposal and reuse policy into a broader IS policy framework. UW-MIST, MTAG, additional review. CIO approval.

Proposal was approved.

04/09/15 (info) CISO identified need to add procedures and references. Drafted updated policy version 04/09/15.
10/01/13 (info) Policy was reviewed. No changes needed.

06/22/10

 (tick) Rev A of 2/19/10 version of policy. Updated links to related documents. Attached definition of sensitive information.

02/19/10

 (tick) 02/19/10 version of policy. Policy was revised to remove the requirement to "follow the currently established procedures." The deleted phrase was confusing and unnecessary. It might be interpreted to mean that the policy only applies in circumstances where there are, in fact, "established procedures." That was not the intent. The intent was that people take adequate steps in all circumstances involving sensitive information. "Adequate" will depend on the circumstances and will vary over time. A unit or the institution can provide greater definition as warranted.

11/11/09

Reported status at IT Policy Forum. Rollout complete.

08/03/09 (tick) Rev B of 06/29/09 version of policy. Updated related documents. No change in policy requirements.
07/03/09 (tick) Rev A of 06/29/09 version of policy. Updated related documents. No change in policy requirements.

07/01/09

 (tick) Effective date of IDispose Policy.

  (info) Policy was published shortly thereafter.

06/29/09

IDispose Policy is approved by CIO's office.

06/26/09

 (info) Comment period ends. No comments received.

06/24/09

Communications meeting. Discussed vetting and communications.

06/23/09

Drafted implementation team charter. (Implementation team was not actually formed. There was alread sufficient documentation available on how to dispose or reuse common media and devices.)

06/18/09

Call for participation in an IDispose implementation team.

06/18/09

 (info) Requested input on draft policy from MTAG, deadline June 26.

06/16/09

Communications meeting. Discussed vetting and communications.

06/12/09

 (info) UW-MIST is asked to review the draft policy, deadline June 26.

06/03/09

Revised IDispose Plan. Minor changes to draft policy.

05/21/09

PPT Meeting. Revised IDispose Plan.

05/19/09

First draft of policy.

05/08/09

Created IDispose Plan.

04/06/09

Reported status at the IT Policy Forum.

03/2009

 (info) The CIO's office proposes to "fast-track" an institution-wide media and device disposal and reuse policy. The "fast-track" is appropriate because the issues do not appear to be controversial. The proposed policy is added to the list of current IT policy initiatives.

02/2009

 (info) It becomes apparent that there is some misunderstanding regarding who cleans the hard drives of disposed computers. In addition, there has historically been no comprehensive and formal guidance regarding how to properly dispose of media.

Additional Pages

Contact

  • No labels