What do you know about HIPPA Data Destruction? HIPAA is the Health Insurance Portability and Accountability Act of 1996. This act was put into place in order to protect the privacy of American citizens. HIPAA is used in a variety of settings and contexts, many of which deal specifically with health insurance practices and security. Data security is an important part of being HIPAA compliant. This is because even if you did not specifically and knowingly, give away health information, if the data is hacked, the company would still be infringing on HIPAA. Since HIPAA compliance is important, here are some things to keep in mind in order to not to against this federal act.
As stated, since the HIPAA Privacy act requires that certain precautions are taken to safeguard health information, there are specific actions that your company can do to help keep your company compliant. For example, practices must prevent prohibited uses and disclosures of health information. This includes the secured disposal of information as well. Easy things that companies can implement into security practices include not allowing sensitive information to be shared with all employees, sensitive information is shared on a need by need basis and for a certain amount of time. If sensitive information is on a computer program, be sure to close down the program when not in use and only allow access to the program through a security measure such as a password. Email of sensitive information should be limited and only used when absolutely necessary, never share passwords among employees and make sure that all computers are properly secured and up to date with anti-virus screening and firewalls.
Finally, information disposal needs to be secure as well. Sensitive health information that has been stored on computers is still present on the computer even after files have been deleted. This means that files from clients or employees long ago can still resurface and fall into the wrong hands. In order to keep your company compliant with HIPAA, it is important to engage in secure data destruction.