data-destruction Controls

Sanitize or destroy media containing FCI before disposal or reuse

Implement policies and procedures governing the receipt, removal, and disposal of hardware and electronic media containing ePHI

Data are destroyed according to policy when no longer needed

Data are destroyed according to policy when platforms or storage media are decommissioned