I have a few questions and hoped that someone may be able to answer or point me in the correct direction.
1. ROM can be used to store user data on many Pocket PC's?
2. Information stored on ROM will not be lost due to power loss?
3. Information stored in ROM will not be lost due to a hard reset?
4. If information stored in ROM can be removed by a hard reset, can the information be restored? What I am trying to find out is the Department of Defense recommends overwriting hard drives with random 0's and 1's at least 6 times to adequately prevent others from trying to restore the original data on hard drives. Are there the same concerns for ROM? If so are there utilities to do this?
5. Are there the same concerns as number 4 above for RAM?

I work for a company that distributes PDA's and cell phones with data capabilities. Though there is a policy stating these devices should not be used to store sensitive or confidential information, we can't always count on the policy to be adheared to. What precautions should be taken before they are transferred from one department to another or surplused?
Thank you. I really appreciate any comments suggestions you may have.

1, 2, 3= true
4 rom info is only removed through a hard reset involving a rom upgrade from the manufacturer, if you can find a program to to the wipe it should be good, or you could degauss the devices, but then nobody could ever use them again (oops thats mram, you could short the rom, and destroy the chips)
5 ram is completly and permantly erased after loss of power (give it about an hour after the backup and main batteries are dead, and there shouln't be anything left in ram at all.