Closing your project: confirming data destruction

  • Updated

Before closing your UK Biobank research project, you must confirm that all data has been securely destroyed. This ensures compliance with the UK Biobank Material Transfer Agreement (MTA).

Step 1: Access the AMS Form

  • Log in to AMS.
  • Navigate to Data Destruction Confirmation under the Admin tab in your project folder.

Step 2: Review Storage Locations

  • For each listed location (servers, devices, cloud, etc.):
    • Select Yes if UK Biobank data was stored there.
    • Select No if it wasn’t.

Step 3: If Yes, Choose Your Deletion Method

When you select Yes, a dropdown menu appears. Follow these detailed instructions:

Servers

  • Windows (cipher):
  • Cipher securely overwrites deleted data (wiping free space). You must first delete your files in the normal way (using Windows File Explorer), taking note of the folder path and then run Cipher.

Syntax:  cipher /w:<drive>:\<folder> 

In the example below the deleted data files to be securely wiped are located in D:\UKBProject\Data

  •  
    1. Open Command Prompt as Administrator.
    2. Run:
      1. cipher /w:D:\UKBProject\Data

 

Or if you wanted to securely wipe all free space on the whole drive you would use:

      cipher /w:D:\

(Replace D:\ with the drive letter.)

  • Linux:
    •  
      • dd:
        • dd if=/dev/zero of=/dev/sdX bs=1M
      • shred:
        • shred -vzn 3 /dev/sdX
      • srm:
        • srm filename
  • For full disk wipe: Use DBAN.

Email / SharePoint

  • Use Microsoft Purview:
    • Create retention policies to delete items after a set period.
    • Apply to relevant mailboxes and SharePoint sites.
  • Manual cleanup:
    • Empty Deleted Items.
    • Purge Recoverable Items.

Devices

  • Encrypt first:
    • Windows: Enable BitLocker.
    • macOS: Enable FileVault.
  • Secure wipe:
    • Windows: Settings → Update & Security → Reset this PC → “Remove everything” → “Clean the drive”.
    • macOS: Disk Utility → Erase with secure options.
  • For HDD/SSD: Use DBAN or manufacturer’s secure erase tool.

Virtual Machines

  • Delete snapshots.
  • Wipe virtual disks:
    • VMware:
      • vmkfstools --wipeDisk /path/to/disk.vmdk
      • Hyper-V: Delete VHD/VHDX and overwrite using secure erase tools.

Cloud Storage

  • Apply retention/deletion policies in your cloud platform:
    • Microsoft 365: Use Purview or retention labels.
    • AWS S3: Configure Lifecycle Policies.
  • Confirm hard delete and empty recycle bins.

Mobile Devices

  • Use MDM (e.g., Intune):
    1. Sign in to Intune portal.
    2. Select the device.
    3. Choose Wipe or Factory Reset.
  • Ensure encryption is enabled before wipe.

Removable Media

  • Use secure erase tools:
    • Linux: shred /dev/sdX or wipe.
    • SSD: Manufacturer’s ATA Secure Erase utility.
  • For sensitive data: Physically destroy (shred, degauss, or incinerate).

Step 4: Certify

  • If all answers are No: Confirm that no UK Biobank data was downloaded.
  • If any answer is Yes: Confirm that:
    • All data and backups have been securely destroyed.
    • Any hardware used has been wiped before disposal.
    • No data remains in any unauthorised format.
    • Destruction complies with the UK Biobank MTA.

Related to

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.