I have reviewed the proposed regulation on a preliminary basis. While I reserve the right to take action under the Administrative Process Act during the final adoption period, I approve the advancement of this regulation to the next stage for the purpose of soliciting public comment, with the stipulation that the following language replace section B in the final version:
B. Electronic records: Agencies must establish procedures and processes to destroy social security numbers in public records that have reached the end of their retention period in electronic format and stored on information or recordkeeping systems. Agencies may maintain or destroy the physical media.
a. Files stored on a computer must not only be deleted but also overwritten using software that overwrites the files with meaningless data multiple times to totally obliterate the original data and to prevent the information from being reconstructed.
b. Back-up tapes must be overwritten at the same time as all other copies are destroyed. Tapes shall be held no longer than the conclusion of the retention period for the information contained in the tape.
c. If an agency plans to maintain the floppy disks, tapes or other magnetic storage devices, other than hard drives, with data containing social security numbers, the media must be:
1) overwritten using software that overwrites the files with meaningless data multiple times to totally obliterate the original data, or
2) exposed to a powerful magnetic field to disrupt the information. If a magnetic field is used the data must be reviewed to ensure that the social security numbers are not retrievable.
d. If an agency plans to destroy the physical media, disks, tapes and other magnetic media, other than CD-ROMs, the media must be shredded in a shredder to ensure that the information is totally destroyed.
d. CD-ROMs must be physically broken, into several pieces, to be rendered unusable.
e. When disposing of computers that contain social security numbers or other privacy-protected information hard drives must be overwritten and inspected to ensure no privacy-protected data remains. If data remains, the hard drive must be removed and disposed of separately by drilling to prevent it from being used again.