In 1996 the US government passed the Health Insurance Portability & Accountability Act; also referred to as HIPAA. The act was modified largely to modernize the movement of healthcare-related data, while protecting personal information from fraud and theft. Essentially HIPAA covers how and when patient data should be handled and managed.
HIPAA applies to nearly all facilities and businesses operating in the health sector; from hospitals and medical practices to other healthcare businesses that look after personal and patient information; other words known as protected health information – PHI.
The act provides specific guidelines for affected organizations on how long certain information needs to be held onto for, how it should be destroyed, and what information should be held onto and / or destroyed.
What Does PHI Consist of?
Protected health information can refer to documents that contain the following personal details:
- Social Security Numbers
- Beneficiary Numbers
- Phone Numbers
- Email Addresses
- Medical Record Numbers
- Vehicle Identifiers & Serial Numbers
- Web URL’s
- Full face photos and / or biometric identifiers
The Department of Health and Human Services states that a properly destroyed piece of PHI should be left 100% unreadable, indecipherable and non-recoverable.
When Does PHI Require Shredding?
The length in which PHI must be securely stored changes according to state; however, state laws and HIPAA both include regulations for the duration in which medical records require keeping. In certain situations, state laws have obligatory retention periods that are shorter or longer than those in HIPAA (6 years);
- When they are shorter; HIPAA regulations replace state laws.
- When they are longer; State regulations replace HIPAA retention regulations.
Always Confirm Your Shredding Provider is HIPAA Compliant
A1 DATASHRED offers reliable shredding services that guarantee healthcare clients are within regulation of HIPAA destruction guidelines. We provide a selection of different shredding options that make shredding convenient and easy. When you partner with our team we will work with you to determine a schedule that is fitting for your requirements; this means no need to worry about when documents should be shred; we’ll arrive at the predetermined time and date and look after everything so you can continue focusing on your patients.
A1 DATASHRED offers services both on and off-site, making it easy for healthcare organizations to get the services they need to protect their patients. From scheduled services to off-site purges, we can do it all regardless of the job size. Don’t need documents destroyed? No problem: we offer record storage services to help clients fulfill their storage needs with state of the art archiving technology and building security.
Get in touch with us today to learn about our document shredding services and how they can assist you in protecting confidential, patient data from exposure. Keep your business compliant and protect your patient’s sensitive information at the same time.
As a business owner presumably, you are familiarized with cyber security and what it entails, at least to a certain extent. However, it can also cause some confusion at times so below we will cover some standard facts and knowledge surrounding the topic, ensuring you have all the information needed to properly protect your business from common cyber threats and hacking mechanisms being practiced today.
To start, you might wonder exactly what cyber security covers? To keep things relatively brief, cyber security refers to maintaining safety and security over your electronic devices in hopes to prevent attacks from happening. Such devices might include computers and smartphones, as well as networks and software programs from being attacked electronically. With each of these attacks comes the desire to alter, access or destroy certain forms of data; which is almost always confidential in nature. With some attacks, the mission in place is to gain money and nothing else; this can target individuals while they are on scrolling on their phone or personal device, which can lead to some serious issues for companies as many depend on cell phones, laptops, and computer-based processes to function day-to-day.
A Human Element
Cyber security needs multiple components to effectively work. While maintaining security software and network hardware is smart and highly encouraged, a cyber security protocol also depends on smart usage and behavior from users operating the devices. What does this include? To start, you’ll want to confirm that every password you’re coming up with is strong and difficult to guess. You’ll also want to refrain from using websites that raise red flags or appear suspicious, because they are likely lacking security. Always do your research and verify that the website you’re visiting is credible and trustworthy before supplying any personal details about yourself or company.
Email is another area where user discretion is highly suggested. It is quite common for networks and devices to experience infection as a result of malicious software. This can occur by simply opening an email/attachment. It can happen so quickly without any warning signs. Take a good look at the sender and their email address to verify whether it’s recognizable or legitimate and stay away from opening anything that appears untrustworthy. To learn more about how to identify suspicious emails, and to test your ability, take a look at Cisco’s phishing quiz.
Types of Cyber Attack
Hackers have very strategic approaches in place to obtain your confidential data. A trustworthy and strong cyber security protocol will work to shield against most of them. While there are many different mechanisms out there, here is a brief summary of the most commonly used;
- Phishing – You’ve likely received an email in the past that appeared to be coming from a secure source but in the end was not; this is exactly what phishing is about. An email that comes from malicious senders posing as trustworthy senders with the intent of fooling the user into offering up sensitive information such as credit card or banking information.
- Malware – Malware is software that is programmed to recover information on your device without permission. There are many forms of malware that all function uniquely from one another.
- Ransomware – This is a more serious form of cyber-attack. Ransomware basically blocks access to information on a computer system or network and presents the user with a screen requesting payment for the release of this protected data.
Cyber security is more critical than ever before. Why? As many companies convert to electronic data storage, operating electronically as a whole, more and more information is being shared and stored this way. Without the proper security measures in place, this can invite in potential trouble; hackers gaining confidential details that should be kept private. Ensuring you are protected from such threats should be a top priority. When you make the decision to maintain a strong cyber security protocol and establish relationships with partners you can depend on to keep your information secure, you are taking the proper actions towards cyber security.
If your business is in need of a partner to protect your data including your old hard drives, A1 DATASHRED will safely destroy your hard drives so data is no longer recoverable. Remember that data security goes beyond document shredding.
Stay safe online and practice the necessary security and software to ensure you are protected from hackers. What about those old hard drives you have tucked away in your storage room? We’ll safely destroy them, so you don’t have to worry about the status of your security or privacy. Taking these steps is vital in remaining protected from possible threats!
Learn about our document shredding and hard drive destruction services today.