Skip to main content

University Policy Manual

SECURE DISPOSAL AND REUSE

Effective: August 15, 2024

Purpose: Emporia State University maintains data and information critical to the operations of the University most of which is stored electronically. Proper disposal of equipment is both environmentally responsible and often required by law. Electronic Media can contain various kinds of University Information, some of which is Sensitive or Confidential as described in the policy on Information Classification. In order to ensure the University maintains the confidentiality and integrity of its electronic information assets and follows all legal requirements, all storage media must be properly erased before being disposed of. Therefore, special tools must be used to securely erase data prior to equipment disposal. When equipment or media is disposed of, secure disposal is necessary to prevent the recovery of data files. When equipment is reused, secure reloading of equipment is necessary to update software and remove data stored by previous users.

Scope: This policy applies to all Electronic Information Technology (EIT), electronic media, computing equipment, and mobile devices storing ESU information classified as sensitive or confidential per the policy on Information Classification.

Responsible Office: Information Technology

Policy Statement: University employees are responsible for destroying their removable media which might have stored information protected by privacy laws and rights prior to disposal.

The Information Security Officer (ISO) is responsible for monitoring and reporting compliance with this policy. The ISO is responsible for reviewing this policy annually. The ISO is also responsible for:

  • Working with IT personnel and Unit Support Personnel to create and maintain procedures for secure disposal and reuse of EIT, computer equipment, mobile devices, and electronic media, and to provide training on such procedures to ensure compliance.
  • Raising awareness in the ESU community in secure disposal of EIT, computing equipment, mobile devices, and electronic media;

University-owned computing equipment to be disposed of or to be reassigned to another user must first be sent to Information Technology (IT) to ensure compliance with University policy and procedures. Disposal will include recycling e-waste when possible. All data and information stored within EIT, computing equipment, electronic media, and mobile devices storing University information classified as Sensitive or Confidential per the policy on Information Classification must be rendered unusable prior to disposal per Secure Disposal and Reuse procedure(s).

The President or designee must approve any exceptions to this policy.

Definitions: All words and phrases shall be interpreted utilizing their plain meanings unless otherwise defined in another University or Board of Regents policy or by statute or regulation.

Procedures: All procedures linked and related to the policies above shall have the full force and effect of policy if said procedures have first been properly approved by the University’s administrator in charge of Information Technology.

[Information Technology procedures - coming soon]

Related Policy Information: [coming soon]

History and Revisions

Adoption Date:
10/13/2009 [FSB 09004 passed by Faculty Senate on 10/06/2009, approved by President 10/13/2009, and included in UPM as Policy 3J.19]
Revision Date:
10/02/2013 [Policy updated]
04/26/2019 [FSB 18017 passed by Faculty Senate on 04/16/2019 and approved by President]
08/15/2024 [Policy format revised as part of UPM Revision]