Abstract

No technology lasts forever. Your business will eventually need to replace server hardware or workstations, no matter how well you take care of them. But what do you do with the hard drive of any device that you have to replace? If you don’t take action to destroy your old hard drive (after moving any data off of it as needed), you could be in violation of various HIPAA compliance guidelines.


Why is HIPAA Important?
The Health Insurance Portability and Accountability Act of 1996 accomplishes two major goals: protecting the health insurance coverage of workers as they change their employment, and protecting the privacy of health data. One of the best ways to protect data like this is to make sure that only a certain number of copies are available, and that none of them are sitting around waiting for someone to steal them. Even if it’s just sitting around waiting to be recovered, the data is at risk.

The latter point is particularly important since medical professionals need to store each individual patient’s data on their systems. Doctors aren’t immune to the dangers of hardware failure, and if they carelessly chuck their old hard drives following a catastrophic failure of some sort, there could be serious consequences. HIPAA provides specific requirements that healthcare providers need to adhere to in order to avoid liability for any issues related to data privacy.

How Do You Destroy Your Data?
One oddity of HIPAA compliance is that it doesn’t give organizations or healthcare providers any specific way to destroy data. However, it does provide some suggestions. You can magnetize your hard drive to delete data, or you could just smash it into a billion little pieces. One other common way of destroying data on a hard drive is by taking a power drill to it, but any physical destruction of the drive will suffice. In order to completely destroy your data, however, you’ll want to take a few more steps.

One of the best ways to make sure that your organization is prepared to face HIPAA compliance is by working with a managed service provider. Instead of destroying the drive yourself, you can leave it up to the professionals to use specialized equipment to destroy the drive, eliminating any risk on your end.

Does your organization need assistance with keeping compliance issues at the top of mind? NetMGM can help your organization ensure data compliance with your specific industry’s standards. To learn more, reach out to us at 888-748-2525.

ABOUT THE AUTHOR

Improperly Disposing of a Hard Drive Can Threaten Your Security

Rafiq Masri

With over 25 years of experience in Information Technology, Rafiq is one of the most accomplished, versatile and certified engineers in the field. He has spent the past 2 ½ decades administering and supporting a wide range of clients and has helped position Network Management, Inc. as a leader in the IT Managed Services space.

Rafiq has built a reputation for designing, building and supporting top-notch IT infrastructures to match the business objectives and goals of his clients.

Embracing the core values of integrity, innovation, and reliability, Rafiq has a very loyal client base with some customer relationships dating back 20+ years.

Rafiq holds a bachelor’s degree in Mechanical Engineering from the University of Michigan and has completed graduate programs in Software Engineering and Business at Harvard and George Mason University. Rafiq is a former founder and CEO of Automation, Inc. in Ann Arbor, Michigan as well as a valued speaker on entrepreneurship and technology at industry events such as ExpoTech and others.