On-Site | Certified | Compliant

NIST 800-88 Certificate of Destruction

Compliance with NIST Guidelines requires detailed reporting

NIST 800-88 Certificate of Destruction

Compliance with NIST 800-88 digital media destruction Guidelines requires specific hard drive destruction methods and reporting details.  A NIST 800-88 Certificate of Destruction must include the hard drive make, model, serial number, and type as well as the parent computer’s serial number.  This means you must be able to identify the hard drive and computer which it was removed from.

Digital Media Sanitization Reporting

The National Institute of Standards and Technology (NIST) has developed Guidelines for Media Sanitization – NIST 800-88.  This document assists organizations in implementing a media sanitization program consistent with the security level of the information to be destroyed.

The NIST 800-88 “Guidelines for Media Sanitization” paper includes a sample Certificate of Destruction as well as a list of requirements.  The main sections of the certificate include the person performing the sanitization, media information, sanitization details, media destination and destruction verification.  NIST 800-88 compliance, among other things, the make and model of the hard drive as well as the source computer.  Basically, there needs to be a documented link from the hard drive being destroyed to the computer and/or user.

The following document is only a portion of the guidelines set forth by the National Institute of Standards and Technology.  We have worked with the Jet Propulsion Laboratory to destroy digital media for NASA in accordance with NIST 800-88.  See our process for digital media destruction.

NIST 800 88 Documentation Guidelines

The E-Waste Security NIST Certificate of Destruction

NIST 800-88 COD from E-Waste Security
NIST 800-88 reporting requirement for digital media destruction

Chapter 4.8 of the NIST 800-88 Guidelines for Media Sanitization details the documentation requirements.  The Certificate of Sanitization, shown below, is a good example of how the report may look.

hard Drive destruction projects for the City of Los Angeles
Hard drive destruction projects NASA in Pasadena
Hard drive destruction project for the Office of the Inspector General Health and Human Services
US Bankruptcy Court
NIST and Department of Commerce

Do you require a NIST 800-88 Certificate of Destruction?