The amount of sensitive data stored on electronic media increases as the use of computers and mobile devices becomes more prevalent. For example, home computers and devices may store financial information (e.g., Quicken files or tax documents), usernames and passwords, private correspondence (e.g., emails or chat logs), and personal media files (e.g., pictures or videos). Business computers and devices may store sensitive client data and trade secrets. Government computers and devices may store personally identifiable data on citizens and various classified materials. As the amount of digital sensitive information accrues, the need for the ability to securely remove this information increases. Short of physically destroying the entire storage medium, existing secure-deletion solutions tend to be piecemeal at best - they may only work for one type of storage or file system, may force the user to delete all files instead of selective files, may require the added complexities of encryption and key storage, may require extensive changes and additions to the computer's operating system or storage firmware, and may not handle system crashes gracefully. This dissertation introduces TrueErase, a holistic secure-deletion framework that irrevocably deletes data and metadata. At heart, TrueErase is an information-propagation framework that works alongside of legacy operating system components for easier integration. Through its design, implementation, verification, and evaluation on both a hard drive and emerging solid-state storage, TrueErase shows that it is possible to construct a holistic, per-file, encryption-free, secure-deletion framework that accommodates different storage media and legacy file systems, requires limited changes to legacy systems, and handles common crash scenarios. The experience of building TrueErase further contributes insight into the mechanisms and complexities of the legacy operating system storage data path.