The Basics of HIPAA and Electronic Recycling
Healthcare providers, like many other businesses, must eventually update their computers, printers, copiers, and other electronic equipment. In fact, many healthcare facilities update their equipment frequently to ensure that the most up-to-date technology is being used for security reasons. While upgrading electronics is a prudent and useful idea, healthcare providers face specific obstacles when recycling outdated electronics. Legally disposing of computer equipment requires the complete destruction of patient information contained on them by the organization.
The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996 to protect the confidentiality and security of patient information. The HIPAA Privacy Rule requires appropriate precautions in order to safeguard the privacy of protected health information (PHI). The HIPAA Security Rule commands healthcare providers to implement specific procedures to address the final disposition of electronic patient information and PHI, as well as perform procedures for removing this information before donating the devices to a recycling or refurbishing facility.
Some sources have suggested that up to 50% of healthcare providers are in violation of HIPAA’s Final Security Rule, and many are not even aware of the regulations. This is especially prominent when healthcare organizations upgrade and replace their electronic devices. Any data left on the computers when recycling the electronics is in violation of HIPAA due to the HIPAA Privacy Rule that safeguards PHI.
eRevival Helps Keep You Compliant
The ramifications for a security breach regarding PHI are serious, which is why many healthcare providers choose to employ an outside source to oversee all electronic recycling. It is important that the electronic recycling company chosen is well established as a secure and safe data shredding facility. eRevival destroys 100% of all data contained on electronic devices and provides your company with a “Certificate of Destruction” so that you can feel confident in the security of PHI and other data destruction.