Computers Don’t Lose Their Memory With Age
Discarded PCs, laptops and servers may contain confidential patient information
December 21, 2006
By Vicky Brauner, Managing Director
CBL Data Recovery Australia
In March this year, an international survey found that one in six people surveyed had withheld information from their healthcare provider because of concerns about how their personal information might be used. In today’s uncertain world of data breaches, securing protected health information is no longer as simple as locking a file folder in a cabinet.
What is certain is that patient data is stored on computers – PCs, laptops at private practices or servers in a specific department – that will eventually be discarded or reused for another purpose.
While guidelines vary from state to state, Australian authorities generally require that record holders delete patient information securely – and some require evidence that record deletion has occurred. Unfortunately this means that all too often, discarded computers become a backdoor means to gain unauthorised access to confidential health information.
While the primary concern of most healthcare organisations is to ensure that patient data is available to staff when needed, it is critical to go the extra mile and destroy confidential data when discarding old computer systems so it does not fall into the wrong hands.
Data is a lot like DNA: it can be inherited, it can change. Typically, computers in the healthcare sector contain confidential material such as patient records, accounting records, x-rays and diagnostic images. To a data recovery expert they are nothing more than ‘zeros’ and ‘ones’ organised on the computer’s hard drive and this information is much easier to retrieve than you might think.
While computers are discarded for a number of reasons, such as upgrading models or a lease expiring, all too often we forget to think about what information is contained in the computer’s memory. Often old computers are donated to charity, auctioned off or sold to the general public, but what about the data stored inside?
Whether discarded individually or en masse, it’s possible that these computers still contain protected health information. Much of the data stored on the hard drive will be trivial information and software applications, but the fact is that many computers are discarded with sensitive data still residing on the hard drives.
Lost, but not irretrievable
Despite substantial damage due to natural disasters, equipment failure, human error or security breaches, data on computers is quite resilient. Often, data that is thought to be lost forever can be retrieved by data recovery specialists. Likewise, data that is assumed to be deleted from the system often still resides on a discarded computer’s hard drive.
For an expert who comes into possession of a previously used computer system, there is a range of methods and techniques that can be used to reconstruct data even after the storage media has been erased. To remove data permanently, it is necessary to go beyond the simple deletion of a file from your desktop.
What many users don’t realise is that when you delete a file, the contents are not actually removed: the file, at least in the short term, still resides on the hard drive, but is no longer linked to the system. Simply deleting a file only removes the directory pointers to it, while the data remains on the computer disk until the operating system re-uses those sectors to write new data.
Even reformatting, or repartitioning a hard drive does not guarantee files are completely gone. Until the old data is actually overwritten by new information, it can be recovered by programs that read disk sectors directly, such as forensic software, commercially available data retrieval software or data recovery techniques.
The good news is there are a number of simple methods that can be used to ensure the ultimate destruction of data on hard drives and safeguard against disclosure of sensitive information. These methods are: degaussing, overwriting, data encryption and media destruction, discussed in further detail below.
Wiping
Wiping sensitive data from a removable storage device or computer hard drive is the best method of data destruction to guarantee the data can’t be reconstructed via laboratory techniques.
Wiping is essential when hardware containing sensitive data is moved from a secure facility to a non-secure environment. Software-based data destruction methods are inexpensive, easy to use, and readily available on the market from a number of vendors.
Degaussing
A more severe approach to data erasure is degaussing, a process whereby a computer’s magnetic media is erased.
This often renders hard drives inoperable and can prevent computers from being recycled for educational use, charitable donation or resale to the general public. This method is not for the faint of heart and is best used only in the case of highly sensitive, protected data which would have serious implications if leaked.
Clearing
A less extreme means of data erasure is the removal of data, proportional to the level of sensitivity, to ensure the data may not be reconstructed using normal system capabilities.
This method is particularly useful when the storage media is reused within the same computer or office. For example, if a computer is being cleaned up for someone new taking over from a departing staff member, it enables the media to remain in the same controlled environment. Clearing is achieved by overwriting the unassigned system storage space on the disk. A single overwrite of a file or all system storage is usually enough to make sure that previous information cannot be rebuilt.
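An added illustration, not part of the original article: the Python sketch below models a disk as a directory plus raw sectors to show why an ordinary delete leaves file contents readable by anything that scans sectors directly, and how a single overwrite of the unassigned space clears them. The ToyDisk class, the file names and the sample data are all constructed for this example.

```python
SECTOR = 512

class ToyDisk:
    """Constructed in-memory disk: a directory of pointers plus raw sectors."""
    def __init__(self, sectors=16):
        self.raw = bytearray(SECTOR * sectors)
        self.directory = {}               # file name -> list of sector numbers
        self.free = list(range(sectors))  # unassigned sectors

    def write_file(self, name, data):
        used = []
        for off in range(0, len(data), SECTOR):
            n = self.free.pop(0)
            chunk = data[off:off + SECTOR].ljust(SECTOR, b"\0")
            self.raw[n * SECTOR:(n + 1) * SECTOR] = chunk
            used.append(n)
        self.directory[name] = used

    def delete_file(self, name):
        # Ordinary deletion: drop the directory pointer, leave the sectors as they are.
        self.free.extend(self.directory.pop(name))

    def clear_free_space(self):
        # Clearing: a single overwrite of every unassigned sector.
        for n in self.free:
            self.raw[n * SECTOR:(n + 1) * SECTOR] = bytes(SECTOR)

    def residual_sectors(self, marker):
        # Read every sector directly, ignoring the directory, as recovery tools do.
        return [n for n in range(len(self.raw) // SECTOR)
                if marker in self.raw[n * SECTOR:(n + 1) * SECTOR]]

def demo():
    disk = ToyDisk()
    disk.write_file("roster.txt", b"staff roster")
    disk.write_file("patient.txt", b"PATIENT-RECORD constructed sample " * 20)
    disk.delete_file("patient.txt")
    still_listed = "patient.txt" in disk.directory
    after_delete = disk.residual_sectors(b"PATIENT-RECORD")  # data still on disk
    disk.clear_free_space()
    after_clear = disk.residual_sectors(b"PATIENT-RECORD")   # nothing left to find
    roster_intact = bytes(disk.raw[:12]) == b"staff roster"  # live file untouched
    return still_listed, after_delete, after_clear, roster_intact

if __name__ == "__main__":
    print(demo())
```

The same scan-after-overwrite step is what a disposal procedure can record as evidence that deletion has occurred.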
Ultimate destruction
In extreme cases where the destruction of data must be guaranteed and the chance of retrieval completely eliminated, physical destruction of the hardware is the best option.
Media can be effectively destroyed using a number of methods: an abrasive substance on a magnetic disk or drum recording surface will do the trick, while corrosive chemicals can have the same effect. Destruction of a hard drive (or the entire computer for that matter) can also be achieved by disintegration or incineration at a metal destruction facility. Regardless of which technique you use, it is important to remember that the entire recording surface must be completely removed before disposal. Even if you decide to destroy the hardware completely, it is still a good idea to purge the media before doing so – better to be safe than sorry!
Hold on a second!
While making sure sensitive data does not fall into the wrong hands should be top priority, it is important to make sure that data is no longer needed before you erase it forever.
Before disposing of any computer hardware, be sure to back up the data in a secure location. Just because the computer is no longer needed doesn’t mean the data won’t be needed either. There could also be legal requirements for maintaining certain information, such as medical records, long after the patient has left the facility.
Safeguarding protected health information is critical and properly removing sensitive information from computer hard drives should be incorporated into company policy to protect yourself and your patients.
Vicky Brauner is Managing Director of CBL Data Recovery, a leading provider of data recovery services for consumer, enterprise and public-sector clients who experience data loss disasters. For further information, go to www.cbltech.com.au
 