We regret to inform you that last week we learned that your personally identifiable information, including name, address, passport, date of birth, place of birth, genetic data, and social security number, might have been compromised. Last Monday, it was discovered that an unauthorized individual sorted through some hard drives we had disposed of at a facility adjacent to our workplace and gained access to the protected health information contained on these drives.
We sincerely apologize and reaffirm our commitment to providing you with quality care in the future.
Does this seem like a letter that you want to write?
Regrettably, a HIPAA breach can have more serious repercussions for health care firms than just an apology letter. According to the US Department of Health and Human Services, covered entities under HIPAA must issue a press release to media serving the region within 60 days of a breach affecting 500 or more people in a state or jurisdiction under the Breach Notification Rule (HHS, n.d.). This can lead to irreparable harm to the company's reputation and loss of market share. The business must also notify the HHS Secretary of breaches affecting 500 or more people so that the department can make the data publicly accessible on its breach portal (HHS, n.d.). And that is not to mention the countless dollars in lawsuits that are likely to accompany all this humiliation.
To quote IT service supplier Congruity, “onsite data destruction is the very best way to be 100% HIPAA compliant.” (Congruity, 2016) Recognizing that protected health information might be lost or stolen in transit to an offsite shredder, Guardian delivers its mobile shredding laboratory, equipped with a 2 mm solid state shredder, onsite to the client's location. Please view this short video to compare 30 mm shredding against 2 mm solid state drive shredding. You'll see that this higher level of disintegration is the only way to guarantee compliance with HIPAA guidelines by making certain there is simply no way that data could be gleaned from the debris.
How does your business securely dispose of its protected health information? Does your hardware vendor use a 2 mm shredder? For questions about safe data destruction or to find a 2 mm solid state shredder near you, email Guardian at email@example.com.
US Department of Health and Human Services Office for Civil Rights. Health Information Privacy, Breach Notification Rule. (n.d.) Retrieved on January 3, 2017 from https://www.hhs.gov/hipaa/for-professionals/breach-notification/
US Department of Health and Human Services Office for Civil Rights. (n.d.) Retrieved on January 3, 2017 from https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
Congruity. Why Onsite Data Destruction Is The Best Way To Be 100% HIPAA Compliant. (2016, March 9th).