FutureDial provides software solutions for managing and data clearing mobile devices. The following describes the standards of which the Lean One Touch solution meets.

NIST Standards

While Lean One Touch supports the capability of DOD level clearing, the multi-pass overwrite consumes hours of processing time per device and is not a viable solution for the typical volume required to be processed. Lean One Touch complies with the “clear” method of NIST Standards as specified in its Special Publication 800-88r1 Guidelines for Media Sanitization (Table 5-1).

This refurbishing software also meets the requirements as contained in Section 4.7 - Verification Methods (Verification of Equipment and Verification of Personnel Competencies); Section 4.8 Documentation and Sanitization Methods for Cell Phones and PDA, as described in the Appendix A - Minimum Sanitization Recommendation for Media Containing Data.

Encryption

Due to the encryption present on iOS and Android devices, the NIST Standard is sufficient for ensuring all user data is cleared off of the device and is non-recoverable by removing the encryption keys of the device during flash. Devices with encryption have dedicated AES 256 crypto engines built into the DMA path between the flash storage and main system memory, making file encryption highly efficient. The device’s unique ID (UID) and a device group ID (GID) are AES 256-bit keys fused (UID) or compiled (GID) into the application processor and Secure Enclave during manufacturing. No software or firmware can read them directly; they can see only the results of encryption or decryption operations performed by dedicated AES engines implemented in silicon using the UID or GID as a key. Additionally, the Secure Enclave’s UID and GID can only be used by the AES engine dedicated to the Secure Enclave. The UIDs are unique to each device and are not recorded by Apple or any of its suppliers.

HIPAA Compliance

The guidelines stated for HIPAA compliance refer to the NIST document cited above. Since FutureDial solutions adheres to these NIST standards, HIPAA compliance is met as indicated by the language stated in these guidelines. For reference please see the following URL: http://www.hhs.gov/hipaa/for-professionals/faq/575/what-does-hipaa-require-of-coveredentities-when-they-dispose-information/index.html