The Health Insurance Portability and Accountability Act (HIPAA) was enacted to prevent the use or disclosure of protected health information (PHI). HIPAA requires that health organizations maintain reasonable care to physically safeguard patients’ PHI.
HIPAA AND EPHI
We will focus on electronic protected health information (EPHI) – digital data recorded on computer hard drives, optical, flash and magnetic media such as CDs, DVDs, thumb or USB drives and backup tapes.
Companies that are affected by HIPAA data destruction laws
- Clinics, Hospitals and Doctors’ Offices
- Insurance Companies and Business Associates
- Pharmacies & Healthcare Clearinghouses
Fines and Penalties associated with HIPAA and Data Destruction laws
- HIPAA violations associated with disclosures by error:
  - Fines from $100-$50,000 per violation; fines up to $25,000-$1.5 million per year
- HIPAA violations associated with criminal activity:
  - Any wrongful disclosure could bring $50,000 in fines or 1 year in prison
  - Intent to sell information could bring a $250,000 fine and/or 10 years in prison
How does HIPAA affect you when it comes to digital data destruction and the destruction of computer hard drives, backup tapes and USB or flash drives?
Part 1: Digital Data Destruction: HIPAA Physical Safeguards
Part 2: Digital Data Destruction: HIPAA Access Controls
Part 3: Digital Data Destruction: HIPAA Device and Media Controls (hard drive destruction and disposal)
E-Waste Security is a NAID Certified digital data and hard drive destruction company. We provide onsite destruction services to help comply with PHI destruction requirements associated with HIPAA and other data privacy laws.