With the passage of the Health Insurance Portability and Accountability Act (HIPAA) in 1996, entities that collect, store and use sensitive health information became liable for protecting information from unauthorized access or use. Under HIPAA, any part of a patient’s medical record or payment history and individually identifiable health information that falls under one of 18 categories of identifiers is designated as Protected Health Information (PHI). PHI can be transmitted and maintained using paper hard copy files or electronic or other media.
The HIPAA Privacy Rule requires that covered entities apply appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information (PHI), in any form. To ensure compliance, HIPAA was recently amended to increase fines for improper disposal from $25,000 to $1.5 million. For doctors’ offices, insurers and other associated providers, this means specific steps must be taken consistently to maintain compliance with the way PHI is to be managed and destroyed. Care providers and other covered entities are not permitted to simply abandon PHI or dispose of it in dumpsters or other containers that are accessible by the public or other unauthorized persons. Take the guesswork out of destroying PHI by trusting your shredding and disposal services to an accredited professional who understands the value of the information entrusted to your care.
To protect PHI that is managed and stored electronically, the HIPAA Security Rule requires that covered entities implement policies and procedures to address the final disposition of electronic PHI, including the files and hardware or electronic media on which it is stored, as well as to implement procedures for removal of electronic PHI from electronic media before the media are made available for re-use. When electronic PHI no longer needs to be stored or computers are replaced, deleting files and putting your hardware in the dumpster or for sale on the internet leaves you vulnerable. When Computing magazine bought eight used computers on internet auction sites, they found 22,000 deleted files. To ensure that your electronic PHI is permanently destroyed, rely upon a professional information destruction service that follows HIPAA guidelines for dismantling and destroying outdated information and hardware.
Corrigan Record Storage is a trusted provider of information management services, including document storage, document scanning, vault storage and comprehensive shredding services. Our professional staff maintains HIPAA certification, so your compliance is assured. Our facility holds AAA certification by the National Association for Information Destruction, whereby we undergo several unscheduled annual inspections to give you unequaled peace of mind that your PHI and other documents are destroyed in keeping with the highest industry standards. Click here to verify our certification.Call 248.344.9185 or 1.800.944.7716 or fill out the form in the sidebar to see our shredding operation in action and learn how affordable and effortless compliance can be.