Patient information security is one of the most important elements in medicine. Keeping patient records and details confidential is morally respectful, and also maintains an element of trust between a doctor and an individual. Failing to comply by HIPAA regulations can also be extremely costly. We’re talking $13,000-per-day fine amount for HIPPA violations in medical facilities.
DataShield thoroughly understands and complies with the Health Insurance Portability and Accountability Act (HIPAA), demonstrating our unwavering commitment to protecting our healthcare industry customers’ confidential information.
Under HIPAA law, companies are not allowed to simply abandon records/items containing personal health information (PHI) or dispose of it in public trash receptacles. Companies must have a permitted procedure in place and train all employees who handle confidential information. Companies must also address the final disposition of electronic PHI and/or the hardware on which it is stored and hard copies of the records.
Here are three things you should know about proper destruction and storage methods of PHI materials as outlined by HIPAA Privacy and Security Rules.
Disposal of Paper Records
A company must implement shredding, burning, pulping, or pulverizing the records so that PHI becomes essentially unreadable, indecipherable, and impossible to be reconstructed. DataShield’s convenient mobile or plant-based shredding services are HIPAA compliant, and ensure the utmost security to meet regulatory requirements.
Disposal of Electronic Media
A company must clear (use software or hardware products to overwrite media with non-sensitive data), purge (degauss or expose the media to a strong magnetic field in order to alter recorded magnetic domains), or destroy the media (disintegrate, pulverize, melt, incinerate, or shred). DataShield guarantees the destruction of your sensitive PHI files with our top-notch data destruction services. We strip your electronics of any hard drives and storage components and shred them down to irretrievable pieces.
Hardcopy paper medical records are very susceptible to security violations. They’re vulnerable to anything from unprotected FTP access to normal human error, which is unfortunately very common. These risks often make medical file storage a challenge for healthcare providers everywhere.
To avoid these issues with older, out-of-date files, it’s wise to store paper charts and medical records in areas away from other records or equipment, like the DataShield strictly controlled, off-site storage center, complete with 24-hour security and surveillance. Our security procedures have been approved by the National Association for Information Destruction (NAID). This denies access and visibility to unauthorized personnel, and guards against leaked patient information.
HIPAA regulations, like most other highly sensitive information standards, are always changing and developing. Our team of experts is committed to keeping you up-to-date on these shifts and ensure the safety and security of medical records you have on file.