Re: Policies for Equipment Disposal - computers and other devices with memory

[Faith Mcgrath <faith.mcgrath () YALE EDU>]

Sallie: We are in the process of revising our policies and procedures to
address a broader spectrum of regulated and confidential information,
but this is the current Media Control policy and the associated
procedure that is specific to protected health information:

Media Control http://www.yale.edu/ppdev/policy/1609/1609.pdf
Disposal of Media Containing Confidential or Protected Health Information
http://www.yale.edu/ppdev/Procedures/its/1609/1609PR.01DisposalMediaPHI.pdf


--
Faith McGrath, Compliance Officer
Yale University ITS - Information Security
faith.mcgrath () yale edu
voice: 203.737.4087 telefax: 203.737.2859
security () yale edu || security.yale.edu


Sallie F Wright wrote:
> I am on the hunt for a sample policy that addresses disposal of
> equipment that have memory/hard drives specifically related to
> regulatory compliance. We have the computer side but I am wondering what
> others are doing around copiers, pda's, cellphones, etc.
>
> Sallie Fulsom Wright, CISSP
> Assistant Vice President
> Information Technology
> University of Alabama at Birmingham
> 205 975 2853
> http://www.uab.edu/

Please be aware that email communication can be intercepted in
transmission or misdirected. Please consider communicating any sensitive
information by telephone, fax or mail. The information contained in this
message may be privileged and confidential. If you are NOT the intended
recipient, please notify the sender immediately and destroy this
message. If you wish to confirm the content of this message and/or the
identity of the sender please contact me at the phone number given above.