This website was created for professional medical and dental administrative leaders to do the following:
Employee training, written policies and destroying discarded paper records are included in the top ten data protection compliance recommendations.
Analysis of hard drives bought on the second hand market showed that a significant number still contained personal information despite obvious indications that the owner had tried to overwrite the information themselves.
An analysis of the contents of commercial outside trash “dumpsters” conducted in Toronto determined that 3 out of 4 doctors’ offices contained improperly discarded personal health information.
States’ Attorneys General are being currently being trained by HHS to aggressively utilize their new HIPAA enforcement mandate.
Neither pressing the “Delete” button or reformatting removes data from a computer hard drive. It only erases the index and conventional recovery utilities can still easily access the information unless the hard drive is properly sanitized or destroyed.
According to HHS, “Paper, film, or other hard copy media have been shredded or destroyed such that the PHI cannot be read or otherwise cannot be reconstructed.”
PHI is considered any information about a patient, including diagnosis, treatment, billing, or personal information associated with treatment.
Improper disposal of PHI among top 5 causes of required health data breach notifications: 1. Theft, 2. Loss, 3. Unauthorized Access/Disclosure, 4 Improper Disposal, 5 Hacking/IT Incident (US Dept. of Health and Human Services).
The unsecure disposal of PHI would be an example of a HIPAA offence qualifying for the maximum level of mandatory fines, according to the US Dept of Health and Human Services. (Federal Register Pg 40879).
The US Dept of Health and Human Services will soon be required to investigate complaints about improper disposal of PHI. (Federal Register – pg 40876).
August 08, 2018: News for HIPAA Security Rule Requires Secure Disposal of ePHI-Laden Devices
News for July 06, 2018: Secure Healthcare Data Sharing Not a Priority for Some Workers
News for June 29, 2018: AHA Urges Consumer Education on HIPAA Privacy Rule and Health Apps
News for May 30, 2018: With Consumer Privacy Center Stage, Why Aren’t We Talking About Health Data?