Published on March 15, 2019, Updated on January 12, 2022
As the medical industry has rapidly transitioned from paper records to storing patient information almost exclusively on electronic mediums, the importance of maintaining the privacy of patient information as well as the security and integrity of those records has become paramount. Data integrity in the health industry is heavily regulated, primarily by the Health Insurance Portability and Accountability Act (HIPAA). One major concern that HIPAA addresses is what must happen when a service provider disposes of electronics that stored protected health information (PHI). The act allows for data overwrite, purging, or media destruction, all services offered by 1 Green Planet. Let’s talk about these destruction methods more in-depth, and how our services include a certificate of destruction that meets HIPAA standards for guaranteeing compliance.
Data Clearing
Accomplishing data destruction using software methods, data clearing is not a service usually offered or performed by recycling companies. Instead, it’s a step security professionals suggest companies and individuals take prior to recycling any electronic devices used to store sensitive data, to minimize the risk of data being accessed inappropriately. Software used to overwrite data in this way will erase existing data, and then fill, delete, and refill the memory space 3-5 times. This ensures that the devices have little to no trace of sensitive data remaining. Sufficient for some levels of healthcare data, in the case of more sensitive data, it’s only the first step in the process of properly disposing of electronic devices.
Drive Purging
Drive purging takes data destruction to the next level. Also referred to as degaussing, the process uses very powerful magnets to swap the magnetic domain of the hard drive memory surface, making the data stored there unreadable and unrecoverable. This method also renders the drive completely unusable. As it doesn’t rely on software, this process isn’t operating system or interface reliant, and provides a more efficient and complete method of erasure than software based programs.
Hard Drive Destruction
In order to fully ensure the proper destruction and disposal of data and the medium upon which the data is stored, the full destruction of the hard drive is a guaranteed method. This can be accomplished through disintegration, pulverization, melting, incinerating, or shredding of the drive surface. This approach ensures that there is no medium from which to extract data at all, and is the method most compliant with HIPAA requirements.
Documented Results
Oftentimes, healthcare related data destruction is carried out by a contracted third-party service provider. However, it’s not enough to satisfy HIPAA compliance requirements for the service provider to claim destruction of the data storage medium. A clear chain of ownership and liability must be established.
1 Green Planet and other companies that provide legitimate data destruction and device recycling services offer a certificate of destruction that transfers ownership and liability for the private data on the devices and outlines clearly when and how the device storage medium will be destroyed, as well as any other conditions involved in the service agreement. Explore 1 Green Planet’s data destruction services, and contact us today to determine if our extensive and compliant destruction services meet your needs.