Overview

Important: The only way to ensure that ALL UCSF data has been removed is to securely reformat (ERASE) your hard drive and any devices that contain storage (e.g., USB thumb drives, external hard drives, smartphones, tablets). This is not the same as simply deleting files or performing a "factory reset." Please contact your computer vendor for support.

If you cannot do this, use the instructions below to ensure you remove all UCSF information, applications and tools.

How to Securely Remove Restricted Data

If you stored UCSF restricted data on a device, you must securely wipe the device's storage or securely delete files that contain the restricted data. A secure wipe or secure erase requires writing over restricted data multiple times, to make recovery infeasible or impractical. If you're unsure where UCSF restricted data exists, the safest thing to do is assume it exists everywhere and act accordingly.

If your device was encrypted: Reformatting it or performing a "factory reset" without first decrypting it is usually equivalent to securely wiping its storage.

If you never encrypted your device, or intend to decrypt it or leave it encrypted after leaving UCSF: You must securely delete any and all restricted data.

To securely wipe a drive, you can use:

• Dariks Boot and Nuke: http://www.dban.org/
• Disk Wipe: http://www.diskwipe.org/
• Apple's Disk Utility, to securely erase a disk (7-Pass Erase) in Step #8: https://support.apple.com/guide/disk-utility/erase-and-reformat-a-storage-device-dskutl14079/mac
• UCSF IT's drive destruction service: https://it.ucsf.edu/services/drive-tape-and-data-destruction

To securely delete files, you can use:

• Heidi Eraser: http://eraser.heidi.ie/ (Windows)
• After deleting the files, Apple's Disk Utility Secure Erase feature (7-Pass Erase) in Step #8: https://support.apple.com/guide/disk-utility/erase-and-reformat-a-storage-device-dskutl14079/mac (Mac)
• Wipe Free Space: http://wipefreespace.sourceforge.net/ (Linux and Mac)
• PGP shredder (Windows: https://support.symantec.com/en_US/article.TECH149789.html) or PGP Shred (Mac:  https://support.symantec.com/en_US/article.HOWTO41908.html)

These programs are not supported by UCSF and are listed here only as suggestions. Any use of these programs is done at your own risk.

Leaving UCSF: How to “clean up” your personal computer

When you leave UCSF, UCSF data should not leave with you. This includes but is not limited to:

• Any UCSF data, especially restricted data such as PHI (Protected Health Information) and PII (Personally Identifiable Information)
• UCSF saved passwords
• UCSF system information (application and system usernames and passwords)
• UCSF computer applications
• UCSF network settings (saved UCSF Wi-Fi settings)

UCSF data

Please check the following common locations for UCSF data and permanently delete it:

• Email: Don't stop with the inbox; check your sent items and deleted items as well as any local PSTs you may have created during backups and archiving.
• Documents folder
• Downloads folder: When you download attachments, files from UCSF web applications and other external locations, they are saved into this directory by default.
• Desktop
• External drives: Review any external drives used to store or backup data, or both, and remove any UCSF data.

Pay extra attention to the following file types, as they are most likely to contain data:

• Office files (.xls, .xlsx, .doc, .docx, .ppt, .pptx, .pdf)
• Email files (.pst, .msg)
• Pictures (.tiff, .jpg, .jpeg, .bmp, .png)

You can use the search function on your machine to look for a list of any of the file types listed here. For example, search for *.pdf to find all PDFs saved on your system.

Saved passwords

If you've saved any passwords to UCSF data or systems, delete them. The following are common locations where passwords are saved:

• Web browser: In your web browser (e.g., Internet Explorer, Chrome, Firefox), go into the settings and remove any saved passwords used to access UCSF resources.

IE: https://support.microsoft.com/windows

Chrome: https://support.google.com/chrome/answer/95606?hl=en&visit_id=0-636631021242553616-794579816&rd=1#see

Firefox: On an iOS device: https://support.mozilla.org/en-US/kb/manage-saved-passwords-firefox-ios; on an Android device: https://support.mozilla.org/en-US/kb/save-passwords-firefox-android

• Local files: Some users store passwords in files such as text documents, Word or Excel. Review these locally saved passwords and remove all UCSF passwords from these files.
• Password managers: If you are using an application that remembers and stores your passwords, please review it and remove all UCSF passwords from the application.

UCSF system information

If you have any documents that describe UCSF systems, permanently delete these files. Examples of files that may contain restricted UCSF system information are:

• Application install guides and user manuals
• System or network diagrams (explaining how a system is set up or functions)

UCSF computer applications

On a Windows machine, open the control panel to Programs and Features. Look through this list and remove any UCSF software that you will no longer be using after your departure.

On a Mac, look in your applications folder and remove any UCSF software that you will no longer be using after your departure.

UCSF network settings

Open your network settings on your system and remove any saved connections to UCSF networks. Examples of these connections are:

• UCSF wireless networks (e.g., UCSFwpa, UCSFguest)
• UCSF VPN connections

UCSF tools

Contact the IT Service Desk at https://ucsf.service-now.com/ess/home.do or 415-514-4100 to remove any UCSF computer management software (e.g., BigFix, Casper) and to unencrypt your device.