Do I really need to shred every single hard drive?

Not necessarily. The best method depends on your data sensitivity, media type, and if you intend to reuse the drive. For drives you plan to reuse, validated software wiping (erasure) that aligns with standards like NIST SP 800-88 can be sufficient. However, for the highest level of security, especially for sensitive data or for drives at the end of their life (like SSDs), physical destruction like shredding is the definitive way to ensure data is irrecoverable.

What is the difference between degaussing and shredding?

Degaussing uses a powerful magnetic field to erase the data on magnetic media like traditional Hard Disk Drives (HDDs) and tapes, rendering them unusable but intact. Shredding is a physical destruction method that cuts the media into small, irrecoverable particles. A key difference is that degaussing is completely ineffective on Solid State Drives (SSDs), while shredding is the ultimate solution for all media types, including SSDs.

Is physical destruction better than software wiping for hard drives?

It depends on the goal. Physical destruction (shredding) is considered the highest level of security because it makes data recovery impossible and is effective for all drive types, including SSDs. It is the best option when the drive will not be reused. Software wiping (erasure) overwrites the data, allowing the hard drive to be safely reused. However, wiping is more time-consuming and can be less effective on SSDs due to technologies like wear-leveling.

What kind of documentation will I receive for my audit trail?

You should receive a comprehensive audit package that includes a serialized Certificate of Destruction (or Erasure), detailed chain-of-custody logs, and validation reports. This documentation serves as your legal proof of compliance and should include asset serial numbers, the method of destruction used, date, location, and signatures of witnesses.

Do hard drive destruction services offer certification?

Yes. Reputable hard drive destruction services hold industry-specific certifications to verify their security and compliance. The most recognized standard is NAID AAA Certification from the International Secure Information Governance & Management Association (i-SIGMA), which involves unannounced audits of a vendor’s process, security, and staff. Other relevant certifications include R2v3 or e-Stewards for responsible electronics recycling.

How do companies dispose of hard drives?

Companies use a risk-based data destruction strategy that aligns with standards like NIST SP 800-88. This involves choosing a method based on the data’s sensitivity and the storage media type. Common methods include software-based wiping for drives intended for reuse, degaussing for magnetic hard drives, and physical destruction through shredding or pulverizing for drives containing highly sensitive data or for all retired SSDs.

What is a certificate of destruction of hard drive?

A certificate of destruction for a hard drive is a formal document that serves as legal proof that the media has been securely and properly destroyed. It includes critical details for your audit trail, such as the unique serial numbers of the destroyed drives, the date and location of destruction, the specific method used (e.g., shredding), and the signatures of authorized personnel who witnessed the process.

How much is a hard drive worth scrap?

The scrap value of a single hard drive is very low, typically ranging from a few cents to a couple of dollars. The value depends on the weight of recoverable materials like aluminum and the small amounts of precious metals on the circuit board. For enterprises, the value is not in the scrap material but in the secure and certified destruction of the data it contains.

What is a certificate of destruction?

A certificate of destruction is an official audit document issued by a certified data destruction vendor. It confirms that specific assets, such as documents or hard drives, have been destroyed in a secure and compliant manner. The certificate details the chain of custody, the destruction method, date, location, and includes a list of serialized items destroyed, providing defensible legal proof for compliance and audits.

How much does it cost to recover data from a corrupted hard drive?

The cost to recover data from a corrupted hard drive can vary significantly, ranging from a few hundred to several thousand dollars. The price depends on the extent of the damage (logical vs. physical), the type of drive (HDD vs. SSD), and the complexity of the recovery process. This high potential cost underscores why professional destruction is critical to prevent sensitive data from falling into the wrong hands.

Does Best Buy destroy hard drives?

Best Buy offers electronics recycling services and may send devices to third-party partners who perform data destruction. However, for enterprises requiring a certified and auditable process with a guaranteed chain of custody and a Certificate of Destruction for compliance, it is crucial to partner with a dedicated, NAID AAA certified data destruction vendor rather than a retail recycling program.

Why do companies destroy hard drives?

Companies destroy hard drives primarily to mitigate the immense risk and financial cost of a data breach. Destroying media ensures that sensitive information—such as customer PII, patient PHI, financial records, and intellectual property—cannot be recovered from retired or obsolete assets. It is a critical component of regulatory compliance with laws like HIPAA, GLBA, and GDPR, protecting the company from legal liability and reputational damage.

What is the difference between disposal and destruction?

Disposal can simply mean getting rid of something, such as throwing it in the trash or sending it to a recycler, with no guarantee of data security. Destruction is a deliberate and irreversible process that renders the data on media unreadable and irrecoverable. For enterprise security and compliance, certified destruction, not just disposal, is required for all end-of-life data storage assets.

Can I witness the destruction process?

Yes. Professional data destruction vendors offer on-site services where a mobile destruction vehicle comes to your facility. This allows you and your team to witness the entire process, from the serialized inventory of your drives to the moment they are physically shredded. This provides the highest level of security and an unbroken chain of custody.

Who issues certificates of destruction?

Certificates of Destruction are issued by the professional data destruction vendor that performs the service. To be considered credible for audits and legal proof, the certificate should come from a reputable, certified company, such as one holding a NAID AAA Certification, which validates their secure processes and operational standards.

What’s the difference between shredding and destruction?

Shredding is a specific method of physical destruction. Destruction is the overall goal and outcome, which is to make data completely irrecoverable. While destruction can be achieved through various methods (including degaussing, crushing, or pulverizing), shredding is a common technique that achieves this by cutting the media into small particles, conforming to specific size standards.

Does destroying a hard drive remove all data?

Yes, when done correctly using a proven method. Physical destruction, such as shredding a hard drive into fine particles according to industry standards, guarantees that all data is 100% removed and impossible to recover. Similarly, proper degaussing of magnetic drives permanently removes all data. These methods are designed to be irreversible.

Does shred it destroy hard drives?

Yes, Shred-it is a well-known company that provides hard drive destruction services, primarily through physical shredding. They, like other certified vendors, offer both on-site and off-site services to securely destroy storage media in a compliant manner.

How do you dispose of hard drives?

The secure and compliant way for an enterprise to dispose of hard drives is to partner with a certified data destruction service. The process should include creating a serialized inventory, maintaining a secure chain of custody, choosing a destruction method (wiping, degaussing, or shredding) appropriate for the media and data sensitivity, and receiving a Certificate of Destruction for your records. The shredded material should then be responsibly recycled by an R2 or e-Stewards certified partner.

Should you burn documents instead of shredding?

No, you should not burn documents. While burning destroys paper, it is not a compliant or environmentally responsible method. Professional shredding services use cross-cut shredders to reduce documents to a particle size that is secure and irrecoverable. Furthermore, the shredded paper can be securely recycled, whereas burning releases pollutants into the atmosphere and does not provide an audit trail.

What is the difference between destruction and deconstruction?

In the context of data security, destruction refers to the complete and irreversible obliteration of data and the media it is stored on, making recovery impossible. Deconstruction means to take something apart, piece by piece. While deconstructing a hard drive might be part of a physical destruction process, simply taking it apart does not guarantee the data is destroyed, as the platters or memory chips could potentially still be read.

What are the drawbacks of shredding?

The primary drawback of shredding is that it renders the storage media completely unusable, eliminating any potential for reuse or resale of the hardware. However, for end-of-life assets or when data security is the top priority, this “drawback” is the intended and desired outcome, as it provides the highest level of security.

certified HARD DRIVE DESTRUCTION

Data Destruction Inc. shreds, crushes, degausses, and cryptographically erases hard drives for highly-regulated US organizations, including Federal agencies, healthcare systems, financial institutions, and defense contractors. Every job is NIST SP 800-88 r2 compliant, witnessed or sealed under chain of custody, and closed with a serialized Certificate of Destruction provided within 24 hours after the destruction event is complete.

TOP 10 WAYS TO PROTECT YOUR PRIVACY NOW!

DOWNLOAD YOUR FREE GUIDE

DOWNLOAD NOW

CERTIFIED HARD DRIVE DESTRUCTION Service Option

The Cost of Mishandled End-of-Life Data

End-of-life IT assets carry the same data risk as production assets. Every retired server, workstation, and mobile device contains a history of sensitive data that can lead directly to a regulatory enforcement action or breach disclosure if it is not handled with the same controls applied to production systems. Two recurring numbers anchor the financial case:

$4.88M is the global average cost of a data breach in 2024, the highest figure on record (IBM Cost of a Data Breach Report 2024). The figure includes regulatory fines, forensic investigation, remediation, customer notification, credit monitoring, and long-term brand damage.
$1.2M ($1,215,780) is the settlement Affinity Health Plan paid HHS in 2013 after sensitive patient data was discovered on the hard drives of returned office photocopiers (HHS OCR enforcement case). This case remains a reference scenario in HIPAA disposal enforcement and demonstrates that liability follows the asset, not the asset owner.

Standard file deletion and quick-format operations do not remove data from a drive. They remove the file-system pointers and leave the underlying data on the platters or flash cells, recoverable with inexpensive software. This residual data is called data remanence, and it is the technical foundation for every disposal-related requirement in HIPAA, GLBA, FACTA, NIST 800-171, CMMC 2.0, and NISPOM.

Media Types We Destroy

Our hard drive destruction service covers every form factor and storage medium found in a modern enterprise. Each medium has a destruction path documented under NIST SP 800-88 r2.

Magnetic Hard Disk Drives (HDDs). Desktops, laptops, enterprise servers, NAS appliances. Path: shred, crush, or degauss. NIST 800-88 Destroy or Purge depending on the method.
Solid-State Drives (SSDs) and NVMe drives. Modern enterprise and endpoint storage. Path: shred to 2 mm or smaller, or cryptographic erase on self-encrypting models. Wear-leveling and over-provisioning make software wiping unverifiable on flash media.
Servers, SANs, and RAID arrays. Multi-drive systems holding business-critical applications and databases. Path: per-drive shred or crush after removal from chassis, asset-tagged and reconciled against your CMDB at destruction.
Mobile devices and tablets. Corporate-issued and BYOD endpoints holding email, client data, and cloud credentials. Path: shred. Factory reset does not satisfy NIST 800-88 Purge for flash media.
Magnetic tape (LTO, DLT, AIT). Backup and archive tapes. Path: shred or degauss.
Optical media (CD, DVD, Blu-ray). Path: shred.
Network appliances and infrastructure. Routers, switches, firewalls, and load balancers hold configuration files, network logs, and security credentials in internal storage. Path: per-device assessment, then shred or crush as appropriate.

For the architectural detail on why each medium requires its specific method, see the individual method pages: hard drive shredding, hard drive crushing, hard drive degaussing, cryptographic erase service.

Methods of Physical Destruction Recognized by NIST 800-88 r2

When data must be rendered permanently unrecoverable, software solutions are not sufficient. Physical destruction is the only method that provides physical proof of data elimination. The process meets the disposal requirements of HIPAA, GLBA, NIST 800-171, CMMC 2.0, and NISPOM by demolishing the storage media so that data recovery becomes a physical impossibility.

Hard Drive Shredding

Hard drive shredding offers the highest level of security in the NIST 800-88 r2 Destroy category. Industrial-grade shredders equipped with cross-cutting blades seize and tear hard drives apart, reducing them to small, irregular fragments. The final particle size is engineered to the requirements of the NSA/CSS Storage Device Sanitization Manual and the NIST 800-88 r2 Destroy category. Standard commercial shred size is 6 mm or smaller. High-security and classified media is shredded to 2 mm or smaller per NSA-aligned specifications. Shredding is universally effective on all media types, including HDDs, SSDs, backup tapes, and mobile devices.

Crushing and Pulverizing

Crushing offers a powerful and visually verifiable method of physical destruction. A hydraulic press applies immense force, often exceeding 7,500 pounds, to bend, punch through, and shatter a drive’s casing, controller boards, and internal platters. For an even higher level of destruction, pulverizing grinds the crushed components into dust and tiny fragments. The process provides immediate visual confirmation that the drive is inoperable. Crushing is highly effective for HDDs. For complex SSD boards, shredding produces a more uniform result because every data-bearing flash chip is reduced in size individually.

Degaussing

Degaussing exposes a magnetic hard drive to a strong magnetic field, neutralizing the magnetic domains where data is stored. It maps to the NIST 800-88 r2 Purge category and is appropriate for HDDs and magnetic tape. Degaussing has no effect on SSDs or any flash-based media. After degaussing, the drive is no longer functional and must be physically destroyed or recycled.

Cryptographic Erase

Cryptographic erase destroys the encryption key on a self-encrypting drive (SED). Without the key, the ciphertext on the drive is mathematically unrecoverable. It maps to the NIST 800-88 r2 Purge category and applies to SED-capable HDDs, SSDs, and NVMe drives. The drive remains functional and can be redeployed or returned to lease.

Why Physical Destruction Is the Strongest Path for SSDs

The architecture of Solid-State Drives makes them resistant to traditional data sanitization methods. Because data on an SSD is stored across multiple flash memory chips, software wiping may not reliably reach every block due to wear-leveling and over-provisioning. Degaussing is ineffective because there is no magnetic storage to disrupt. The strongest path is to physically disintegrate the entire drive so every flash chip is reduced. Cryptographic erase on a self-encrypting SSD is the second strongest path because it renders the underlying ciphertext mathematically unrecoverable in a single operation.

Comparison: Shredding, Crushing, Degaussing, and Cryptographic Erase

The right method depends on your media type, classification level, and audit requirements.

Method	Best for	Data recoverable?	Allows reuse?	NIST 800-88 category	Key benefit
Shredding	All media (HDD, SSD, NVMe, tape)	No	No	Destroy	Highest verifiable security across all media types
Crushing	HDDs, optical media	No	No	Destroy	Immediate visual confirmation of physical destruction
Degaussing	Magnetic HDDs and tape	No	No	Purge	Fast sanitization of large volumes of magnetic media
Cryptographic erase	SED HDDs, SSDs, NVMe	No (ciphertext unrecoverable)	Yes (drive remains functional)	Purge	Single-operation sanitization with drive reuse

Standard reference: NIST Special Publication 800-88 Revision 2 (published September 2025).

Why Software-Only Destruction Methods Fail

Three approaches are commonly proposed as in-house or low-cost alternatives to certified physical destruction. Each fails for a specific, documented reason.

Software wiping on SSDs and NVMe is unverifiable. Wear-leveling and over-provisioning hide flash blocks from the host. A wiping tool cannot prove it overwrote every block of flash because the drive’s controller never exposes the spare and reserved blocks. NIST SP 800-88 r2 recognizes this limitation and maps SSDs to cryptographic erase (on a self-encrypting drive) or physical destruction as the only reliable sanitization paths. ATA Secure Erase can satisfy Purge on some drives, but only when the drive firmware implements the command correctly, which is not guaranteed across vendors.

Water damage does not destroy data on magnetic media. The 2015 San Bernardino case, in which FBI divers searched Seccombe Lake for a laptop submerged by the shooters, became a public reminder of this fact. Data-recovery experts confirmed at the time, and the consensus has not changed: water can short out electronics surrounding a drive but cannot demagnetize the platters underneath. The data remains readable after the drive is dried and the platters are mounted in a working chassis. Water is not a NIST 800-88 method.

Physical smashing leaves recoverable fragments. A drive with a cracked casing, broken controller board, or even bent platters is not a destroyed drive. The 2012 Sandy Hook forensic investigation, in which a recovery team extracted data from a hard drive the shooter had smashed before the attack, demonstrated this in practice. Recovery is slower and more expensive on a smashed drive, but it is possible. Smashing is not a NIST 800-88 method. Certified shredding to a documented particle size is the only path that removes the possibility of forensic reconstruction.

Common magnets are not degaussers. Ordinary magnets, including rare-earth magnets in the size range of consumer products, do not generate a magnetic field strong enough to disrupt the data on a hard drive platter. Only a purpose-built degausser certified against the NSA Evaluated Products List for magnetic media erasure reliably destroys data on a magnetic HDD or tape.

Compliance and Standards: Which Regulations Our Hard Drive Destruction Satisfies

Hard drive destruction satisfies the disposal and sanitization requirements of every major US data-protection regulation. The federal standard of record is NIST Special Publication 800-88 Revision 2 (published September 2025), which defines three sanitization categories (Clear, Purge, and Destroy) and the method-to-category mapping for every common media type.

Regulation	What it requires	How our hard drive destruction satisfies it
HIPAA / HITECH, 45 CFR § 164.310(d)(2)(i)	Covered entities must implement policies and procedures to address the final disposition of electronic protected health information	Shred or crush meets NIST 800-88 Destroy. Cryptographic erase on SEDs meets NIST 800-88 Purge. Certificate of Destruction provides the disposal evidence required for HIPAA audit.
GLBA Safeguards Rule, 16 CFR Part 314.4(c)(4)	Financial institutions must develop, implement, and maintain a written information security program including secure disposal of customer information	Shred, crush, or cryptographic erase against NIST 800-88 plus serialized chain-of-custody log satisfies the disposal-program requirement.
FACTA Disposal Rule, 16 CFR § 682	Anyone holding consumer report information must take reasonable measures to destroy it	Shredding to 2 mm or smaller particle size has been recognized by the FTC as exceeding reasonable measures.
NIST SP 800-171 / CMMC 2.0, 3.8.3, MP.L2-3.8.3	Sanitize or destroy system media containing CUI before disposal or release	NIST 800-88 Destroy category. Witnessed destruction satisfies CMMC Level 2 and Level 3 evidence requirements.
NISPOM (32 CFR Part 117), § 117.15	Classified media must be destroyed in accordance with the NSA/CSS Storage Device Sanitization Manual	Witnessed shred or crush in the NSA-approved size class (which varies by clas

Standard of Record: NIST SP 800-88 r2

NIST SP 800-88 r2 is the current US federal standard for media sanitization, published September 2025. It supersedes Revision 1 (December 2014). Both revisions supersede DoD 5220.22-M (the older 1995-era standard that prescribed multi-pass overwrite). Multi-pass overwrite is not required by NIST 800-88. Modern drives reach the Purge category with a single ATA Secure Erase, a single cryptographic erase, or a single overwrite pass on legacy magnetic drives. We document the NIST category satisfied for every destroyed drive on the Certificate of Destruction.

Source: NIST Special Publication 800-88 Revision 2 (PDF), authored by Ramaswamy Chandramouli (NIST) and Eric A. Hibbard (Samsung Semiconductor).

Service Modes: On-Site, Off-Site, Witnessed, or Scheduled

We deliver hard drive destruction in four operational modes. The right choice depends on your custody policy, classification level, audit cadence, and on-site logistics.

Mode	Best for	How it works
On-site destruction	Buyers who require that custody never leaves their facility	Our mobile shredding truck arrives at your loading dock. Drives are destroyed inside the truck on your property. You observe through the truck’s viewing port if desired.
Off-site destruction	High volume or lower classification	Bonded operators pick up sealed custody bags and transport to our destruction facility under GPS-tracked, tamper-evident custody.
Witnessed destruction	Classified media, federal contractors, RFP-driven audits	Your designated witness, or a third-party auditor, physically observes the destruction event. We provide video evidence as supplemental attestation.
Scheduled destruction program	Data centers, healthcare systems, large enterprises with recurring decommissioning	Recurring monthly or quarterly on-site service with consolidated chain of custody and a master Certificate of Destruction.

Every mode produces the same audit-grade documentation: a serialized Certificate of Destruction, a chain-of-custody log, and an electronics-recycling attestation.

Ensuring an Unbroken Chain of Custody

The moment your assets leave your control, you need an unbroken and auditable security trail. Our serialized chain-of-custody process produces a legally defensible record at every step, from your floor to final destruction.

From Secure Bins to Final Destruction

The process begins at your facility, where all media is placed into locked, tamper-evident containers. The bins are never opened during transit. They are unsealed immediately before destruction, either inside our mobile shredding vehicle at your location or within our access-controlled facility.

Serialized Inventory and Barcode Scanning

We do not just count bins. We track every asset. The serial number of each hard drive is scanned at pickup to create a detailed manifest. The serialized inventory provides a complete audit trail that is reconciled against the final Certificate of Destruction, providing 100% accountability per asset.

Secure, GPS-Tracked Logistics and Vetted Personnel

Your assets are handled by uniformed, background-checked, and trained security personnel. They are transported in secure, alarm-equipped vehicles with real-time GPS tracking, providing constant monitoring while your media is in our custody.

Witnessed Destruction in Person

For full assurance, we invite you to witness the destruction process firsthand. With our on-site mobile shredding services, you can personally verify that your hard drives are reduced to unrecoverable fragments before our vehicle ever leaves your property.

Industries That Choose Our Hard Drive Destruction Services

Five regulated verticals account for the majority of our hard drive destruction volume. Each vertical’s compliance driver shapes the method, service mode, and audit documentation we deliver.

Healthcare data destruction

Hospital systems and HIPAA-covered entities use shred or cryptographic erase to satisfy 45 CFR § 164.310(d)(2)(i). On-site is preferred for radiology and EHR-server decommissioning.

Federal agency data destruction

FISMA and NIST 800-171 require sanitization or destruction of CUI media. Witnessed destruction is the audit default for IG-reviewed programs.

Defense contractor data destruction

CMMC 2.0 Level 2 and NISPOM 32 CFR Part 117 require destruction with classification-specific particle size. We deliver witnessed on-site service with NSA-aligned attestation.

Financial services data destruction

GLBA Safeguards Rule and PCI DSS v4 require documented disposal of cardholder and customer data. Shred plus Certificate of Destruction is the recognized program.

Data center decommissioning

Tenant offboarding and asset-disposition programs require serialized chain of custody at scale. Scheduled program with monthly destruction cadence.

What You Receive: Audit-Grade Documentation Package

Every hard drive destruction job closes with five documents. Together they form the complete audit trail required by HIPAA, GLBA, NIST 800-171, CMMC 2.0, and NISPOM disposal programs.

Serialized Certificate of Destruction. Lists every destroyed asset by serial number, make, model, capacity, destruction method, NIST 800-88 r2 category satisfied, destruction date, witness signature, and lot ID. Provided within 24 hours after the destruction event is complete.
Chain-of-custody log. Tracks every asset from your floor through pickup, transport, destruction, and downstream recycling. Each handoff is signed and timestamped. Sealed under tamper-evident custody throughout.
Particle-size attestation (shred jobs only). Documents the final shred particle size (6 mm or smaller for standard commercial, 2 mm or smaller for high-security) with photographic evidence and NSA-aligned classification mapping.
Video evidence (witnessed jobs only). Time-stamped recording of the destruction event from the on-site truck’s interior camera or facility chamber, retained for the duration specified in your contract.
Recycling-stream attestation. Downstream electronics recycler’s processing certificate confirming zero-landfill diversion of all residual material.

Document Delivery and Retention

We deliver all five documents via encrypted email and your customer portal within 24 hours after the destruction event is complete. Originals are retained in our archive for 7 years (or longer per your contract), supporting subsequent audits or breach-investigation requests.

Pricing and Quote Process

Hard drive destruction is quote-driven. Five factors shape the quote. We return a written, line-itemized quote within one business day of receiving your asset list or destruction plan.

Volume. Per-drive pricing decreases at 100, 500, 1,000, and 5,000-drive tiers. Annual contracts with scheduled destruction unlock recurring-program pricing.
Service mode. On-site mobile shredding carries a fixed truck-arrival fee on top of per-drive pricing. Off-site is per-drive only. Witnessed adds a per-job witness fee.
Geography. On-site service to our seven staffed metros (Dallas, New York City, San Jose, San Diego, Los Angeles, Irvine, Washington DC) is included in standard pricing. On-site to other US metros adds a travel surcharge.
Media type. Standard HDDs and SSDs are baseline. NVMe drives, magnetic tape, optical media, and mobile devices carry per-asset adjustments tied to NIST 800-88 method requirements.
Audit level. Standard documentation is included. Enhanced documentation (video evidence, third-party witness coordination, classified-media handling) adds a per-job fee.

RFP and Procurement Support

We sign NDAs, provide Certificate of Insurance up to $5M aggregate, complete vendor onboarding forms, and respond to RFPs and RFIs on procurement-standard turnaround windows. Request a customized quote or call (866) 850-7977 to start.

Frequently Asked Questions About Hard Drive Destruction

Does NIST 800-88 require shredding for hard drive disposal?

No. NIST SP 800-88 r2 (September 2025) defines three sanitization categories: Clear, Purge, and Destroy. Shredding satisfies Destroy. Cryptographic erase on a self-encrypting drive satisfies Purge. ATA Secure Erase on a standard SSD also satisfies Purge. The right category depends on your media type and the confidentiality level of the data (Source: NIST SP 800-88 r2).

What is the shred particle size for hard drive destruction?

Our standard commercial shred size is 6 mm or smaller. For classified or high-confidentiality media, we shred to 2 mm or smaller per the NSA/CSS Storage Device Sanitization Manual. The particle size achieved is documented on the Certificate of Destruction with photographic evidence.

Can software wiping replace physical destruction for SSDs?

Not reliably. Wear-leveling and over-provisioning on SSDs hide flash blocks from the host, and a wiping tool has no way to prove it reached every block. NIST SP 800-88 r2 recognizes this and maps SSDs to cryptographic erase (on a self-encrypting drive) or physical destruction as the reliable sanitization paths. ATA Secure Erase can satisfy Purge when the drive firmware implements it correctly, but firmware behavior is not guaranteed across vendors.

Can I witness the hard drive destruction in person?

Yes. Witnessed destruction is available for on-site mobile shredding and at our facility. Your designated witness (an employee, a third-party auditor, or a regulator) physically observes the destruction event. We retain video evidence as a supplemental attestation.

How quickly do I receive the Certificate of Destruction?

Within 24 hours after the destruction event is complete. The Certificate is serialized, lists every asset by serial number, identifies the destruction method and NIST 800-88 r2 category satisfied, and is signed by the destruction operator. Delivered via encrypted email and your customer portal.

Does DoD 5220.22-M still apply to hard drive destruction?

No, not as the current standard. DoD 5220.22-M was the federal media-sanitization standard until NIST SP 800-88 superseded it in 2007. NIST SP 800-88 r2 (published September 2025) is the current standard of record, replacing Revision 1 (2014). Multi-pass overwrite (7-pass or 11-pass) is not required by NIST 800-88. Modern drives reach the Purge category in a single operation.

Do you sign NDAs and provide a Certificate of Insurance?

Yes. We sign customer NDAs and provide a Certificate of Insurance up to $5M aggregate before any job begins. Most federal and defense customers also receive completed vendor security-program documentation as required by their procurement office.

Can you destroy SSDs and NVMe drives the same way as HDDs?

Not the same way. Different methods apply. SSDs and NVMe drives use flash memory and must be either shredded to a smaller particle size (2 mm or smaller for high-security) or cryptographically erased on a self-encrypting drive. Degaussing does not work on flash media because there is no magnetic medium to neutralize. We select the method per drive based on its construction.

LET US CONTACT YOU

Latest Blog posts

5 7 how ai and machine learning 2 1 - hard drive shredding | secure paper shredding | hdd wiping

Hybrid Cloud Sanitization & CMDB Integration: Automating Wipes Across On-Prem & Cloud

Hipaa compliant data destruction 1 - hard drive shredding | secure paper shredding | hdd wiping

HIPAA-Compliant Data Destruction: What Healthcare Leaders Need to Know

How Data Destruction Prevents Regulatory Fines & Legal Liabilities

SEARCH LOCATION WITH ZIP CODE