When you work in a hospital or medical center, taking care to properly dispose of your patients’ personal information is vital to maintaining their privacy and security, not to mention avoiding data breaches.
Further, medical facilities and other businesses in the healthcare industry come with their own set of guidelines when it comes document destruction. HIPAA (Health Insurance Portability and Accountability Act) mandates that all healthcare facilities protect and later dispose of protected health information (PHI) according to strictly defined rules. Being HIPAA compliant requires learning the standards and guidelines concerning PHI.
While we won’t be going over the HIPAA regulations in their entirety in this blog, we are going to sketch out an outline of what the rules generally require, courtesy of the team here at Wiggins Shredding.
When to Destroy Medical Records
Although there are differences in the specific info contained in medical documents, the best practices for all records involve secure document retention and destruction policies.
Concerning HIPAA and medical records shredding, there are mandatory retention laws that require medical records to be kept for a set period. HIPAA requires all medical records to be retained for six years from the date of its creation or last use, whichever comes later.
State laws also usually have their own document retention laws. If your state laws require a retention period longer than six years, these supersede the HIPAA standards.
Either way, once a medical record’s retention period expires and the document no longer has a useful purpose, it should then be securely shredded.
Types of Medical Records to be Shredded
The following types of medical records and documents are defined as protected health information under HIPAA privacy laws:
- Phone Numbers
- Geographic Identifiers
- Fax Numbers
- Email Addresses
- Biometric Identifiers
- Medical Record Numbers
- Full Face Photos and Comparable Images
- Social Security Numbers
- Health Plan Beneficiary Numbers
- Certificate/License Numbers
- Account Numbers
- Vehicle Identifiers and Serial Numbers
- Web URLs
- Device Identifiers and Serial Numbers
- Unique Identifying Numbers, Characteristics, or Codes
- Internet Protocol (IP) Address Numbers
Are you interested in arranging for regular, secure document destruction by experienced professionals? Call our team at Wiggins Shredding today at 610-692-TEAR (8327).