Execution should include
- data destruction and media sanitization
- burning
- shredding
- pulping
- pulverizing
- degaussing
- purging
- wiping
- data sensitivity labeling and handling
- confidential
- private
- public
- proprietary
- personally identifiable information (PII)
- personal health information (PHI)
- data roles
- owner
- steward/custodian
- privacy officer
- data retention
- legal and compliance.
Process/Skill Questions:
- What are the limitations of the various physical data-destruction practices?
- What are the implications of the different data roles?
- What can happen when a company’s policies lead to one’s personal identity being compromised?