Computer equipment transfer and disposal

Our policy and guidelines outline precautions which must be taken when it is time to dispose of computing equipment that has been used to store confidential data.

Disposal of personally owned computer equipment

Deleting files from computer equipment does not remove the data from the media on which it is stored. When you delete a file, only the reference to the file is deleted. The file still exists on the media until other data overwrites it, leaving it vulnerable to recovery.

To ensure that you have permanently removed all critical data from your computer, consider using a tool such as DBAN: Darik's Boot and Nuke Disk Destruction Tool. Other tools include: EraserKillDiskBCWipe and CyberCide.

Disposal of University leased or owned computer equipment

Computing equipment used by the University is either leased from a leasing company or owned by the University. For details about disposing of this equipment, refer to the staff intranet page: Disposal of IT equipment.

When you need to dispose of or transfer computing equipment which has been used to store prohibited and sensitive data, you should delete all files that contain such data. Once that has been done, you should then contact your faculty or service division IT staff for assistance with disposing of the equipment. They will ensure that all information has been securely deleted from the computing equipment using specialised tools.

Safeguarding prohibited and sensitive data is a high priority for the University, and the responsibility for ensuring this remains with the user of an individual system, including the deletion of files deemed to be prohibited and sensitive in nature. While IT staff and the contracted companies will take the necessary precautions to protect the collected computers and process hard drives according to requirements, the onus remains on users to remove such information prior to collection.