We too often hear stories of a laptop or hard drive finding their way into the wrong hands. Once these confidential information-bearing devices get swiped from a non-secure area, trouble immediately starts boiling. Under the Health Insurance Portability and Accountability Act (HIPAA), medical facilities are held responsible for information that passes through their offices on a daily basis. Non-medical related companies still hold the same responsibility when it comes to secure hard drive shredding.
Why Your Small Business Needs a Hard Drive Destruction Plan
Many businesses, especially smaller ones, lack the resources needed to effectively carry out secure hard drive destruction methods. A simple mistake can cause major repercussions. Compromised data can lead to thousands of dollars in fines if the company is found to be in violation of state or federal compliance regulations. The company’s reputation also suffers damage.
Elliot Hospital in Manchester, NH, recently faced a data breach when four computers were stolen from an employee’s car when they were being taken to a facility to get destroyed. The computers contained confidential information of over 1,000 patients.
The problem in this recent news scenario falls on the transition process. Secure hard drive shredding involves a shortened chain of custody for maximum security.
Computers, laptops, printers, or whichever information storage component a company decides to destroy remain protected from the moment of pick-up to final hard drive shredding. The middleman is eliminated and replaced with certified destruction specialists who value information security every step of the way.
Elliot Hospital patients were lucky this time. Officials stated that none of the information on the computers contained patient medical information.
Some facilities aren’t so lucky. In August 2013, the U.S. Health and Human Services Department fined Bronx-based Affinity Health Plan, Inc. more than a million dollars ($1,215,780) for leaving confidential medical records on the hard drive of a leased photocopier. The company faced a hard financial truth, but also put thousands of customers at risk.
Hard drive shredding guarantees personal information is no longer accessible.
DataShield Can Help
Call DataShield today to start developing policies and procedures for your company’s hard drive destruction process. Don’t learn the hard way before realizing the importance of a chain of custody for any information-containing device.