What does the HIPAA Privacy Rule require regarding the disposal of E-PHI?
HIPAA requires policies and procedures that address the disposition of protected health information (PHI) and the hardware that it’s stored on. All PHI must be removed from media before items are made available for re-use. See 45 CFR 164.310(d)(2)(i) and (ii).
HIPAA does not specify a disposal method. Data must be destroyed by clearing (data completely overwritten), purging (degaussing), or destroying through shredding, incinerating, etc.).
Our processes are HIPAA COMPLIANT when you order Serial #'s as part of the service!
What Is A Hard Drive?
Hard drives store almost everything on your computer, including your operating system, most software, and most of your files. Even when your computer is powered off, your hard drive holds on to all of the information you have stored on it. A hard drive can contain thousands of harmless files or thousands of not-so-harmless files that contain credit-card numbers, passwords, financial records, medical information, trade secrets and other sensitive information.
Why Destroy A Hard Drive?
Simply deleting all of your data off a hard drive and throwing it out is not a safe solution. Data can be still be recovered even if you have deleted it. Data-recovery methods are becoming more sophisticated every day, and computer forensics experts are commonly retained by government and private organizations involved in intellectual property theft, industrial espionage, employment disputes, fraud investigations, forgeries, etc. However, no one should assume that computer forensics experts are the only ones who have such powerful techniques and know-how. Hackers and data thieves on local and global levels are on the lookout for hard drives that are not properly wiped or destroyed.
Pick Up or Drop Off Your Hard Drives?
Whether you choose to drop off or have one of our staff members pick up your hard drives, your items will follow our strict chain of custody and be destroyed in accordance with certification specs.