One challenge that school districts have can be erasing hard drives that contain sensitive information. Consider the case of this school district featured in The Monitor:

The…school district is taking further action to address the sale of computers with sensitive information through policy changes and efforts in public transparency after failing to do so earlier this year.
Administration sent a letter Sept. 5 to all district parents with information about an April 6 auction in which computers with sensitive information, such as names, Social Security numbers, addresses and phone numbers, were sold.

Even if the computers were formatted, that is insufficient. Many districts actually have a third party company remove hard drives and drill them, making them unusable. A simpler solution is to run Darik’s Boot-n-Nuke enterprise equivalent on the machines to wipe the data. It’s a bit harder with newer solid state drives than the “old hard drives” but it can be done.

the former principal, who essentially bypassed procedures in place by ordering his staff to take computers directly to the site without proper authorization, because he had already left his post.

Apparently, in this case, it wasn’t that procedures were lacking. Rather, that certain staff chose to disregard the rules.

To safeguard against this, actions will be taken. One action that could put school district computers under the protection of the Texas Safe Harbor Act would include encrypting all drives and data by default. Encrypted data on a storage device need not be reported lost or stolen.

How are you safeguarding sensitive data on your home or personal computer? You might want to read this two part series on the subject.