Federal Framework
DoD 5220.22-M Standard: History, Deprecation, and Modern Replacements
DoD 5220.22-M is the legacy multi-pass overwrite pattern from the Department of Defense National Industrial Security Program. NIST Special Publication 800-88 Revision 2 has superseded it as the prevailing federal media-sanitization guideline, yet enterprise RFPs still request it by name. All Green Recycling's software wiping service processes conform to the DoD 5220.22-M multi-pass overwrite specification on magnetic media.
What Is DoD 5220.22-M?
DoD 5220.22-M (DoD Manual 5220.22-M overwrite pattern; legacy NISPOM) is a data-sanitization overwrite scheme that originated in the U.S. Department of Defense National Industrial Security Program Operating Manual. Its best-known form overwrites every addressable location on a magnetic drive three times: a character, its complement, then a random character, with verification.
Publisher: U.S. Department of Defense; administered historically through the Defense Counterintelligence and Security Agency (DCSA)
Current status: The overwrite-method tables were removed from the NISPOM. The NISPOM is now codified at 32 CFR Part 117 and points to NIST SP 800-88 for sanitization.
Legal force: Not a current federal requirement on its own; widely referenced in procurement language and enterprise security policies.
The “5220.22-M” name persists in industry because it became shorthand for “secure multi-pass wipe.” Software vendors still ship a “DoD 5220.22-M” wipe profile, and many corporate and government RFPs specify it. The pattern remains a valid Clear-level method for magnetic hard drives, even though the manual that defined it no longer governs federal sanitization.
What Does the DoD 5220.22-M Overwrite Pattern Require?
The DoD 5220.22-M overwrite pattern requires multiple overwrite passes across all user-addressable sectors of a magnetic drive, followed by verification that the final pass wrote successfully. The common three-pass sequence writes a fixed value, its binary complement, and a random value.
The three-pass sequence
Pass 1: Overwrite every addressable location with a fixed character (for example, binary zeros).
Pass 2: Overwrite every addressable location with the complement of that character (binary ones).
Pass 3: Overwrite every addressable location with a random character, then verify the write.
The seven-pass variant (5220.22-M ECE)
Some specifications cite a seven-pass “Extended Character Erase” that runs the three-pass sequence, a random pass, and the three-pass sequence again. The seven-pass variant offers no measurable security benefit over a single verified overwrite on modern drives, and it consumes far more time.
Why overwrite passes do not work on flash media
The overwrite model assumes a one-to-one mapping between a logical address and a fixed physical location, which is true for magnetic platters. Solid-state drives, NVMe drives, and USB flash use wear-leveling controllers that remap writes across NAND cells. A logical overwrite cannot guarantee that every physical cell holding old data is reached. Flash media require Cryptographic Erase or physical destruction instead.
Verification was always part of the specification
The overwrite pattern was never just a sequence of writes. The specification required verification that the final pass actually wrote to every addressable sector, and a clearing process that did not verify was not considered complete. This is why a credible DoD 5220.22-M wipe produces a per-drive log showing the pass sequence and a confirmed verification result, rather than a simple assertion that a drive was wiped.
Where the authority actually lives now
The National Industrial Security Program Operating Manual was recodified as a federal regulation at 32 CFR Part 117 in 2021, and that rule does not reprint the old overwrite tables. For classified and Controlled Unclassified Information media, the current direction is to follow NIST SP 800-88 and applicable government media-sanitization guidance. DoD 5220.22-M therefore survives as a named method in commercial tools and contracts, not as the operative federal sanitization rule.
How All Green Recycling Aligns to DoD 5220.22-M
All Green Recycling’s software wiping processes are operationally aligned to the DoD 5220.22-M multi-pass overwrite pattern for magnetic media. The DoD 5220.22-M Wiping service runs the verified multi-pass sequence and produces a per-drive erasure record.
When a client RFP names DoD 5220.22-M, All Green Recycling maps the request to the correct modern method:
| Client request | Media | All Green Recycling method | Posture |
|---|---|---|---|
| “DoD 5220.22-M wipe” | Magnetic HDD | Verified multi-pass overwrite | Conforms to the overwrite pattern |
| “DoD wipe” on SSD/NVMe | Flash | Cryptographic Erase or Hard Drive Shredding | NIST SP 800-88 Rev. 2 Purge or Destroy |
| “Highest assurance” | Any | Physical destruction | NIST SP 800-88 Rev. 2 Destroy |
All Green Recycling does not claim to be “DoD-certified.” DoD 5220.22-M is an overwrite specification, not a certification scheme. The company states process-conformance to the overwrite pattern and documents the actual method on every Certificate of Destruction.
This mapping protects the client from the most common failure mode, which is a vendor that applies an overwrite profile to flash media and reports a successful wipe that cannot actually be verified. By routing each device to the method its storage technology supports, and recording that decision per serial number, All Green Recycling ensures the audit trail reflects what was technically achieved rather than what a legacy profile name implies.
Who Still Uses DoD 5220.22-M?
Defense contractors, financial institutions, healthcare systems, and data centers still encounter DoD 5220.22-M in procurement and security-policy language. The pattern appears in three settings: legacy security policies that were written before NIST SP 800-88, RFP templates that were never updated, and software wipe tools that retain the profile name.
Organizations handling Controlled Unclassified Information should follow CMMC Media Sanitization and NIST SP 800-88 Rev. 2, which the Department of Defense now references for sanitization. Where a contract specifies DoD 5220.22-M by name, conforming to the overwrite pattern on magnetic media satisfies the literal request, while flash media are routed to Cryptographic Erase or destruction.
A data center decommissioning racks of mixed drives is the most common place the naming mismatch surfaces, because a single lot can contain magnetic drives suited to overwriting and SSDs that are not. A defense contractor faces the same split and the added CMMC assessment overlay. The correct response in both cases is to treat the request as a sensitivity requirement, apply the verified overwrite where it works, and substitute Cryptographic Erase or destruction where it does not, while documenting which method each device received.
Enforcement and Consequences
DoD 5220.22-M is not independently enforced, because the manual that defined it no longer governs federal sanitization. Consequences arise from the contract or policy that cites it and from the regulation that the underlying data falls under.
Contractual: A vendor that certifies a “DoD 5220.22-M wipe” but applies overwrite passes to an SSD has produced an unverifiable result. If recoverable data later surfaces, the vendor faces breach-of-contract and indemnification exposure.
Defense supply chain: Improper sanitization of CUI media is a CMMC Media Sanitization assessment failure, which can cost a contractor the ability to hold DoD contracts.
Data-protection overlay: When the wiped media held PHI or cardholder data, an inadequate wipe exposes the organization to HHS OCR or PCI card-brand penalties regardless of which overwrite pattern was named.
Audit evidence gap: A wipe claim with no per-drive verification log is treated by most auditors as unproven. The consequence is not only a finding but the cost of re-processing media that may already have left the building, which is why documentation at the point of destruction matters as much as the method itself.
Frequently Asked Questions
Is DoD 5220.22-M still required, or has NIST SP 800-88 replaced it?
NIST Special Publication 800-88 Revision 2 has replaced DoD 5220.22-M as the prevailing federal media-sanitization guideline. The overwrite-method tables were removed from the National Industrial Security Program Operating Manual, which is now codified at 32 CFR Part 117 and references NIST for sanitization. DoD 5220.22-M is still requested by name in many enterprise RFPs, so it remains a valid Clear-level overwrite method for magnetic drives even though it is no longer a standalone federal requirement.
Is a DoD 5220.22-M wipe mandatory or voluntary?
A DoD 5220.22-M wipe is voluntary at the federal level because the standard is deprecated. It becomes mandatory only when a specific contract, RFP, or internal security policy requires it by name. In those cases the requirement is contractual rather than regulatory. All Green Recycling conforms to the overwrite pattern when a client specifies it for magnetic media and recommends NIST SP 800-88 Rev. 2 methods for flash storage.
Does a DoD 5220.22-M wipe work on solid-state drives?
No. The DoD 5220.22-M overwrite pattern was designed for magnetic platters with a fixed logical-to-physical mapping. Solid-state drives, NVMe drives, and USB flash use wear-leveling controllers that remap writes, so overwrite passes cannot guarantee every physical cell holding old data is reached. SSDs require Cryptographic Erase where the drive supports it, or physical shredding when erase cannot be verified.
How does All Green Recycling satisfy a DoD 5220.22-M requirement?
All Green Recycling’s wiping processes are operationally aligned to the DoD 5220.22-M multi-pass overwrite pattern on magnetic media. The company runs the verified multi-pass sequence, produces a per-drive erasure log, and records the method on the Certificate of Destruction. For flash media named in a DoD request, All Green Recycling applies Cryptographic Erase or shredding under NIST SP 800-88 Rev. 2 and documents the substitution so the audit trail stays accurate.
How many overwrite passes are actually necessary on a modern drive?
A single verified overwrite pass sanitizes a modern magnetic hard drive to the Clear level under NIST SP 800-88 Rev. 2. The three-pass and seven-pass DoD sequences were designed for older drive densities and offer no measurable security improvement on current magnetic media. The practical value of naming DoD 5220.22-M today is policy familiarity, not added assurance.
Is overwriting or physical destruction the better choice for retired drives?
It depends on whether the drive will be reused and on the data sensitivity. Overwriting preserves a magnetic drive for redeployment and is appropriate for lower-sensitivity data staying inside the organization. Physical destruction is the stronger choice for high-sensitivity data and for any media leaving organizational control, because it removes the verification uncertainty entirely. For flash media, destruction or Cryptographic Erase is the only reliable route, since overwriting cannot guarantee coverage. All Green Recycling matches the method to the disposition path and records the choice on the Certificate of Destruction.
What document proves a DoD-aligned wipe was performed?
A per-drive erasure record and a Certificate of Destruction prove the wipe was performed. The Certificate of Destruction issued by All Green Recycling lists the serialized device, the method applied, the pass count where overwriting was used, the verification result, and the technician. This record satisfies auditors who asked for DoD 5220.22-M and supports the broader Data Destruction chain of custody.
If DoD 5220.22-M is deprecated, why do RFPs still ask for it?
RFPs still ask for DoD 5220.22-M because the name became industry shorthand for a secure multi-pass wipe long before NIST SP 800-88 existed, and procurement templates are rarely rewritten. Many commercial wiping tools also still ship a profile labeled with the standard, which keeps the term in circulation. All Green Recycling honors the literal request on magnetic media and, rather than rejecting an outdated specification, recommends the current NIST SP 800-88 Rev. 2 method for any flash media in the same lot so the result is both audit-defensible and technically valid.
Need media sanitization services that satisfy DoD 5220.22-M Standard?
Bonded · Insured · Certificate of Destruction · Methods follow DoD 5220.22-M Standard