Menu
HIPAA compliant hard drive destruction is a data shredding service available to Georgia healthcare facilities – free of charge.
Both confidential and secure, HIPAA shredding provides an additional physical safeguard when it comes to the security of electronic protected health information (ePHI). As such, it only makes sense for metro Atlanta hospitals and other covered entities to include hard disk destruction as part of the proper disposal of medical records.
Of course, the goal of HIPAA compliant hard drive destruction is to protect the patient’s individually identifiable health information from unauthorized access. Among the personally identifiable information (PII) at risk are the patient’s: name, date of birth, social security number, driver’s license number, credit card/bank information, diagnosis/treatment.HIPAA compliant hard drive destruction is a data shredding service available to Georgia healthcare facilities – free of charge.
Both confidential and secure, HIPAA shredding provides an additional physical safeguard when it comes to the security of electronic protected health information (ePHI). As such, it only makes sense for metro Atlanta hospitals and other covered entities to include hard disk destruction as part of the proper disposal of medical records.
Of course, the goal of HIPAA compliant hard drive destruction is to protect the patient’s individually identifiable health information from unauthorized access. Among the personally identifiable information (PII) at risk are the patient’s: name, date of birth, social security number, driver’s license number, credit card/bank information, diagnosis/treatment.
The last thing any healthcare provider wants is a HIPAA violation citation, especially due to improper disposal of patient records. To prevent stiff penalties for the covered entity, as well as significant harm to the patient, it is imperative to be in complete compliance with the HIPAA policies and procedures. That is where the designated compliance officer comes in.
Depending on the size of the covered entity, the health information management staff may have both a HIPAA Privacy Officer and a HIPAA Security Officer. As such, their job is to adhere to the HIPAA compliance requirements. That said, when it comes to the disposal of medical records, the best policy is to implement reasonable safeguards based on the HIPAA Security Rule.
ACCORDING TO THE SECURITY RULE, THE RECOMMENDED SAFEGUARDS FALL INTO THREE CATEGORIES:
1. Administrative- policies and procedures addressing security measures that protect ePHI. (45 CFR 164.308)
2. Physical- protection of ePHI through physical measures such as the security of equipment and facilities. (45 CFR 164.310)
3. Technical- use of technology to both protect and prevent unauthorized access to ePHI. (45 CFR 164.304)
Obviously, since we are reviewing the HIPAA compliant hard drive destruction requirements, it would make sense to look at the physical safeguards.
© 2024 Copyright| All Right Reserved. E-Waste Central.