HIPAA, the Health Insurance Portability and Accountability Act, establishes security and privacy standards for the use and disclosure of “protected health information” (PHI) to ensure that patient data remains safe. The privacy rule requires that covered entities apply appropriate administrative, technical, and physical safeguards to protect the privacy of PHI in any form.
Failure to abide by these rules can result in hefty fines, not to mention patient lawsuits and bad publicity.
The HIPAA Security Rule requires that covered entities implement policies and procedures to address the final disposition of electronic PHI and/or the hardware or electronic media on which it is stored, as well as to implement procedures for removal of electronic PHI from electronic media before the media are made available for re-use.
Many assume this means to delete all patient files and sensitive information before removing computers from the premises. However, this task can be more difficult than it seems. Deleted PHI data can easily be recovered from hard drives — even if the drive has been reformatted.
Therefore, who you hire to recycle your computers and what they do with your equipment after it leaves your building can have a big impact on whether you stay in compliance with HIPAA rules.
PC Disposal built its reputation on data security. To start with, we are R2 Certified as a responsible recycler. And while the R2 standard is usually associated with environmental responsibility, it also includes data security.
R2 Certification includes the following safeguards:
PC Disposal starts with R2 standards and offers extra layers of security and service:
PC Disposal's security, disposal, and recycling methods are fully compliant with HIPAA, HITECH, Gramm-Leach-Bliley, FACTA Red Flags Rules and Environmental Protection Agency rules.
“I had the opportunity to visit the PC Disposal facility. I was impressed by operation and the great staff. I am very happy with the service.”
Romy Riddle, President