SSD Secure Erase

Data Destruction Inc. sanitizes solid-state drives with controller-level secure erase commands, ATA Secure Erase for SATA drives and NVMe Sanitize for NVMe drives, purging every flash block including the over-provisioned cells that software overwrites miss. We verify each erase and document it to the NIST SP 800-88 r2 Purge category so drives can be safely reused.

Top 10 ways to protect privacy guide image dd - hard drive shredding | secure paper shredding | hdd wiping

TOP 10 WAYS TO PROTECT YOUR PRIVACY NOW!

DOWNLOAD YOUR FREE GUIDE

SSD Secure Erase Service Option

Certified-equipment-destruction-icon-dd-1

SSD Shredding

When a drive cannot verify a sanitize command or must never be reused, shredding to a 2 mm particle size meets the NIST SP 800-88 r2 Destroy category by fracturing every NAND package.

Recalled-product-destruction-icon-dd

SSD Crushing

Hydraulic crushing fractures the controller and NAND packages under force, a fast physical fallback for dead or locked drives that cannot complete an erase command.

Overstock-product-destruction-icon-dd

Cryptographic Erase for SSDs

On verified self-encrypting drives, destroying the media encryption key meets the NIST Purge category in seconds. It is distinct from secure erase, which resets the flash cells themselves.

Returned-product-destruction-icon-dd

NVMe Destruction

NVMe drives use the NVMe command set rather than ATA, so we apply NVMe Sanitize or, where reuse is not required, flash-rated physical destruction sized to the medium.

How SSD Secure Erase Works

Secure erase is a logical sanitization method: instead of destroying the medium, it instructs the drive’s own controller to reset its flash cells. This preserves a working drive, which is why it is the right choice for redeployment, lease return, and resale. The reason it succeeds where software overwrites fail is that the controller reaches storage the operating system cannot address.

Solid-state drives use wear-leveling to spread writes across cells, plus over-provisioned spare capacity the host never sees. A host-level overwrite can therefore leave between 4 and 75 percent of data recoverable, because it never reaches the remapped or reserved cells. A controller-issued secure erase purges the entire flash array, including those hidden regions.

The correct command depends on the interface:

  • SATA SSDs use ATA Secure Erase, and the more thorough ATA Sanitize (block erase or crypto scramble) where the drive supports it.

  • NVMe SSDs use NVMe Format with a user-data erase, or the more robust NVMe Sanitize, because NVMe uses a different command set than ATA.

  • Self-encrypting drives can be sanitized by cryptographic erase, a related but distinct path covered on our cryptographic erase service page.

Data Destruction Inc. issues the command appropriate to each drive, confirms the drive accepted and completed it, and records the result against the serial number.

Secure Erase, Sanitize, and Crypto-Erase Compared

These terms are used loosely in the market, so we keep them distinct. The table below maps each command to the NIST category it satisfies.

Command

Interface

What it does

NIST category

ATA Secure Erase

SATA

Resets user-addressable cells; some drives clear only the mapping table

Clear to Purge

ATA Sanitize (block erase)

SATA

Erases all blocks including spare area

Purge

NVMe Format (user-data erase)

NVMe

Erases user data on the namespace

Clear to Purge

NVMe Sanitize

NVMe

Erases the entire flash array, most robust NVMe option

Purge

Cryptographic erase

SED only

Destroys the media encryption key

Purge

Because some implementations of ATA Secure Erase only clear the mapping table rather than every block, we prefer the Sanitize variant where the drive supports it, and we verify the outcome rather than trusting that the command returned success.

Verification and When to Destroy Instead

A secure erase is only defensible if it is verified. Our process confirms the drive reported a successful sanitize, checks the drive security state before and after, and samples readback where the controller allows it. The verification result is recorded in the audit package.

Secure erase is not always the answer. We default to physical destruction when:

  • the drive is dead, frozen, or will not accept a sanitize command;

  • the drive cannot verify completion;

  • the data classification forbids any reuse of the medium; or

  • the drive is a self-encrypting drive whose key management cannot be confirmed.

In those cases we route the drive to SSD shredding or SSD crushing and document the change of method.

Compliance and Standards

Regulation

Requirement

How secure erase satisfies it

NIST SP 800-88 r2

Purge category for media slated for reuse

Verified controller-level sanitize of all flash blocks

HIPAA 45 CFR 164.310(d)(2)(i)

Render electronic PHI unusable before reuse

Verified Purge with serialized record

GLBA Safeguards Rule, 16 CFR Part 314

Dispose of or sanitize customer information securely

Documented, verified erase

CMMC 2.0 / NIST 800-171

Sanitize media before reuse

NIST 800-88 r2 Purge, verified per asset

We cite NIST SP 800-88 r2 (September 2025) and its deference to IEEE 2883-2022. Authoritative sources: NIST SP 800-88 r2 (PDF) and the NIST cryptographic erase definition.

Industries That Choose Secure Erase

  • Data centers secure erase enterprise SSDs at lease return or redeployment, preserving drive value while meeting NIST 800-88 r2 Purge.

  • Financial services sanitize endpoint and server SSDs for internal reuse under the GLBA Safeguards Rule.

  • Healthcare organizations purge SSDs from devices that will be redeployed within the organization, where PHI must be removed but the hardware retained.

  • Defense contractors verify Purge on controlled-unclassified-information media before reuse under CMMC 2.0 and NIST 800-171, escalating to destruction for higher classifications.

What You Receive

  1. Serialized erasure report listing each drive, the command issued, and the verified result, mapped to the NIST 800-88 r2 Purge category.

  2. Certificate of Destruction or sanitization for the batch, provided within 24 hours after the erase event is complete.

  3. Chain-of-custody log documenting every transfer.

  4. Exception list naming any drive that failed verification and was rerouted to physical destruction, with the destruction method recorded.

Frequently Asked Questions

Is secure erase enough to meet NIST 800-88 r2? A verified controller-level sanitize meets the NIST Purge category, which is acceptable for media slated for reuse. The key word is verified: we confirm the drive completed the command and record the result. For the highest-sensitivity data, physical destruction to the Destroy category is preferred.

Why not just overwrite the SSD with software? SSDs use wear-leveling and over-provisioning, so a host-level overwrite can miss remapped and reserved cells, leaving between 4 and 75 percent of data recoverable. A controller-issued secure erase or sanitize reaches the entire flash array, which a software overwrite cannot.

What is the difference between secure erase and cryptographic erase? Secure erase resets the flash cells through a controller command and works on any SSD. Cryptographic erase destroys the media encryption key on a self-encrypting drive, making encrypted data unreadable without touching the cells. Both can reach the Purge category, but they apply to different drives.

Does NVMe use the same command as SATA? No. SATA drives use ATA Secure Erase or ATA Sanitize. NVMe drives use NVMe Format or NVMe Sanitize because they run a different command set. We apply the correct command for each interface. See NVMe Destruction.

What happens if a drive fails the erase? We reroute it to physical destruction and record the change on the exception list, so every drive ends in a verified state, either Purge by erase or Destroy by shredding or crushing.

LET US CONTACT YOU

DATA DESTRUCTION LOCATIONS

SHREDDING SERVICES DALLAS

1717 Mckinney Ave. Suite 700
Dallas, TX 75202-1236
(469) 949-2840

SHREDDING SERVICES NEW YORK CITY

100 Church Street. 8Th Floor
New York City, NY 10007-2630
(516)-990-4096

SHREDDING SERVICES SAN JOSE

2033 Gateway Place. 5Th Floor
San Jose, CA 95110
(408) 459-4418

SHREDDING SERVICES SAN DIEGO

350 10Th Avenue. Suite 1000
San Diego, CA 92101-7496
(619) 916-4696

SHREDDING SERVICES LOS ANGELES

633 West Fifth Street. 26Th And 28Th Floors
Los Angeles, CA 90071
(213) 205-3688

SHREDDING SERVICES IRVINE

7545 Irvine Center Drive. Irvine Business Center, Suite 200
Irvine, CA 92618
(949) 793-7178

SHREDDING SERVICES WASHINGTON

601 Pennsylvania Ave. Nw, South Building, Suite 900
Washington, DC 20004
(240) 266-3056

LEARN MORE ABOUT OUR SERVICES
Latest Blog posts
SEARCH LOCATION WITH ZIP CODE

download your free guide!

The Top 10 Ways to Protect Your Privacy Right Now!

Learn the secrets of our 50 destruction professionals as they delve into the top ways to protect your privacy. Whether your company is big or small, get FREE insider tips to protect your data.