As a legal and medical professional, you have a responsibility to protect the privacy of your clients and patients. A key part of that responsibility involves the disposal of personally identifiable information (PII) and protected health information (PHI). In this blog, we offer best practices for securely disposing of legal and medical records.
Ditch the Shredder
Traditionally, healthcare and legal service providers have relied on paper shredding machines for destroying patient and client information. But as high-profile privacy breaches have become more common, the efficacy of using office shredders has come into question. Documents with PII and PHI have been found in dumpsters and recycling bins, exposing individuals to identity theft and fraud. As a result of negligent disposal practices, hospitals have been fined enormous sums for failing to comply with HIPAA privacy requirements. The Department of Health and Human Services (DHHS) Office for Civil Rights (OCR) expects to step up compliance enforcement in 2018, and the stakes are especially high for HIPAA covered entities. Simply put, the costs and risks having employees shred documents internally are too great to justify.
A professional shredding service offers a more cost-effective, reliable and secure document disposal solution. Locked collection containers are placed in your office or healthcare facility, enabling secure document disposal without having to remove staples, paperclips and rubber bands. On a scheduled or as-needed basis, a screened and uniformed shredding technician arrives at your office and shreds the contents of the containers on-site with a mobile shred truck or transports them in a GPS-monitored truck to a shredding plant for offsite destruction.
Document Your Compliance
When your documents are destroyed by a shredding and destruction partner, your compliance risks are reduced. Your information is handled within a strict chain of custody, and a Certificate of Destruction is issued each time your records are destroyed. It verifies the time, date, and method of destruction and serves as documented proof of your practice’s compliance with state and federal privacy laws.
Choose a Locally-Owned Shredding and Destruction Partner
Trust is one of the most important factors when choosing a shredding provider. For a local shredding and destruction provider to be successful in an increasingly competitive market, they must have exceptional integrity and ethics. To make sure your practice receives the highest level of privacy protection and legal compliance, choose a locally-owned shredding and destruction partner.
Following these best practices will help you reduce your organization’s identity theft and medical fraud risks.
Patriot Shredding provides shredding solutions for businesses in DC, Maryland and Virginia. To learn more, please contact us by phone or complete the form on this page.