Welcome to properPHIdisposal
This website was created for professional medical and dental administrative leaders to do the following:
- Define Protected Health Information (PHI) in the new HIPAA.
- Explain the challenges related to discarding PHI on a daily basis.
- Provide information and resources that will protect their organizations from the new mandatory fines recently added to HIPAA for improper disposal of PHI.
PHI Disposal Fact
Employee training, written policies and destroying discarded paper records are included in the top ten data protection compliance recommendations. [Read More…]
Analysis of hard drives bought on the second hand market showed that a significant number still contained personal information despite obvious indications that the owner had tried to overwrite the information themselves. [Read More…]
An analysis of the contents of commercial outside trash “dumpsters” conducted in Toronto determined that 3 out of 4 doctors’ offices contained improperly discarded personal health information. [Read More…]
States’ Attorneys General are being currently being trained by HHS to aggressively utilize their new HIPAA enforcement mandate. [Read More…]
Neither pressing the “Delete” button or reformatting removes data from a computer hard drive. It only erases the index and conventional recovery utilities can still easily access the information unless the hard drive is properly sanitized or destroyed. [Read More…]
According to HHS, “Paper, film, or other hard copy media have been shredded or destroyed such that the PHI cannot be read or otherwise cannot be reconstructed.” [Read More…]
PHI is considered any information about a patient, including diagnosis, treatment, billing, or personal information associated with treatment [Read More…]
Improper disposal of PHI among top 5 causes of required health data breach notifications: 1. Theft, 2. Loss, 3. Unauthorized Access/Disclosure, 4 Improper Disposal, 5 Hacking/IT Incident (US Dept. of Health and Human Services) [Read More…]
The unsecure disposal of PHI would be an example of a HIPAA offence qualifying for the maximum level of mandatory fines, according to the US Dept of Health and Human Services. (Federal Register Pg 40879) [Read More…]
The US Dept of Health and Human Services will soon be required to investigate complaints about improper disposal of PHI. (Federal Register – pg 40876) [Read More…]