In Response COVID-19 (Coronavirus) -- Read More
Get A Quote Now!

IntelliShred QuickQuote

Medical Records Destruction – A Guide

IntelliShred is your NAID-certified vendor, ready to destroy medical records to protect your business and to give you and your patients peace of mind. If your work involves medical records, it’s essential to understand why, when, and how to destroy it securely.

Here’s our guide to medical records destruction to help you make the best, informed decisions for your organization and your patients’ needs.

Why Must Medical Records Be Destroyed Securely?

The destruction of medical records is mandated by the Health Insurance Portability and Accountability Act (HIPAA). Part of its reason for being is to protect access to health data and to ensure its integrity and confidentiality. This critical act was enacted in 1996 and if your business involves medical records, it must comply. It’s your business’s responsibility to keep medical records secure, but that doesn’t mean you have to do so alone.

Businesses such as IntelliShred are specialists in destroying sensitive data, so that you can rest assured that you comply with legislation. Ensuring the secure destruction of medical records will help you avoid fines, as well as ensuring that that your business, clients, and patients are safe.

What Constitutes Protected Health Information?

HIPAA states that protected health information (PHI) must be secure and disposed of securely. It’s worth examining your records or consulting with a professional data destruction firm, because the HIPAA considers many elements as sensitive information that must be protected.

PHI includes patient histories regarding surgery, immunization, and family history, as well as data about physical examinations that have taken place. PHI also means orders and prescriptions, allergies, and growth charts or other developmental history.

Within these records and elsewhere, you may also have such details as fax and phone numbers, email addresses, URLs, IP addresses, and device serial numbers that can identify people. Other identifying data include social security numbers, certificate or license numbers, account numbers, and vehicle identifiers. Photos, geographic data, and dates, and many more elements also make up PHI.

This is why it’s critical to have medical information destroyed securely. If there is any chance that data or physical copies can be retrieved and pieced back together, this puts your organization and your patients at risk.

When Should I Destroy Medical Documents?

While some medical records, such as patients’ birth certificates or a register of surgical procedures need to be kept permanently, others can be destroyed after a recommended delay. Diagnostic images should be kept for five years. Patient health records should be stored for ten years after its last use. A physician index or disease index ought to be kept for ten years. Get in touch with our specialist team to learn more about when you should destroy PHI.

If the files have not passed their retention times, it might still be time to destroy records if a) the organization is transitioning from paper records to a paperless or electronic health records (EHR) system or b) the medical records contain administrative errors requiring new records to be created.

Whatever the case, old medical records should not be disposed of haphazardly. Even if they contain errors, they still constitute PHI as described by HIPAA and must be destroyed securely.

How to Destroy Medical Records Securely

While HIPAA states that organizations must dispose of their old medical records securely, it’s up to those organizations how they achieve this. Medical documents must be shredded or destroyed electronically.

IntelliShred destroys medical records using one of two 100% effective methods to suit you and your needs.

  • Mobile Shredding:our trucks come out to your location, destroying medical records while you watch. We provide certificates of destruction that detail project specifics.
  • Off-Site Shredding:trucks will come out to your location and pick up medical records. These are stored in locked bins and taken to an off-site facility for destruction.

The destruction of old medical records is a legal requirement, but it doesn’t have to be a worry. Our courteous, industry-certified staff is knowledgable and will take care of your medical records and your compliance with HIPAA regarding destroying old medical records.

We make it easy for you to protect your organization and your patients. Contact us today to learn more.

Disposal Of Medical Records

Knowing whether or not to retain medical records is not always straightforward. It’s something that most providers think to be the highest priority, but disposing of patient’s medical records is essential to the health of your organization or practice.

The destruction process is not difficult to implement, but because there are federal and state laws which govern disposal and destruction methods, it should be handled by a professional shredding and destruction service. If your organization does not have a destruction policy already in place, you should definitely develop one as soon as possible.

Regulations for the disposal of medical records exist at both the federal and state levels. The federal laws include the HIPAA (Health Insurance Portability and Accountability Act) Rule. This privacy rule governs any covered entities and how they should apply appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information (PHI), in any form.

These days, most PHI is stored on some type of digital device, but there could also be paper copies of the medical records. Whether it be email messages, SMS or text messages, video recordings, file downloads, or other electronic media storage, it’s absolutely essential that protective measures are in place.

HIPAA’s Security Rule establishes the administrative, physical, and technical safeguards that covered entities and business associates must put in place in order to secure electronic protected health information as they are created, received, maintained, or transmitted.

The HIPAA rule also states that organizations need to have policies and procedures in place to address the final destruction of electronic PHI and/or the electronic media on which it is stored. Failing to implement these proper safeguards to protect PHI could result in severe penalties and fines.

Organizations that handle PHI can’t just go about disposing confidential information in dumpsters or containers that are accessible by the public. The most important types of PHI that need protection are social security numbers, driver’s license numbers, debit or credit card numbers, diagnosis or treatment information, or other sensitive information. Pretty much anything that could result in identity theft, discrimination, or that would bring harm to an individual’s reputation.

It is always encouraged to hire a professional disposal or destruction service because of their direct expertise. The following is a list of common ways a professional company would go about the disposal of medical records:

  • Burning, shredding, pulping and pulverizing paper documents
  • Recycling and pulverizing microfilm or microfiche
  • Pulverizing laser discs (document-imaging applications)
  • Magnetic degaussing is used to destroy computerized data
  • Shredding or cutting DVDs
  • Demagnetizing magnetic tapes

When outsourcing the disposal of medical records, you should know there are special clauses under the HIPAA privacy rule, which state that your vendor contract should include the following elements:

  • The date of destruction
  • The description of the records being disposed of or destroyed
  • The chosen disposal or destruction method
  • The timing between acquisition and disposal or destruction
  • Indemnification for the organization
  • The proper level of liability insurance to cover any mistakes or breaches
  • Signatures of witnesses to disposal or destruction process

The most effective way to remain compliant and protect your business/practice from unwanted legal action is to hire a mobile professional shredding and destruction service. These technicians will come right to your door, assess your needs and provide a certified shredding and destruction process that is safe and secure.

At IntelliShred, we have spent years perfecting our shredding and destruction methods, which include the secure disposal of medical records. We only hire the most qualified technicians available to handle your shredding and destruction needs. We are industry certified and our customers come back to us year after year! Contact us today to learn more about how we can help safeguard your business.

Medical Shredding Services

Medical records are among the most confidential and personal records kept by any organization. Their secure disposal is critical to comply with the law and protect the reputation of patients, companies, and service providers. Our medical shredding services can keep you on the right side of the law and keep you in business.

Both paper and digital records need to be destroyed carefully and securely. With IntelliShred’s medical shredding services, you can be confident that our systems comply with regulations and laws for secure destruction.

The health services industry is one of IntelliShred’s main markets. We have the experience and expertise to take care of your paper documents, e-waste, x-rays, and other confidential material.

Paper documents and secure document destruction

There are good reasons why the medical services industry often uses paper records. Despite incentive payments from federal government and an explosion of competing digital record systems, around half of doctors surgeries and more than half of hospitals in the US still use paper systems.

Progress toward electronic systems for long-term record keeping is gathering pace and has some clear advantages. Most notably, perhaps, these are where services are integrated with medical facilities, pharmacies, and insurance companies.

When it comes to day-to-day record keeping, charts, x-rays, and forms, however, paper still has advantages over electronic devices and short information digital storage. Most obviously, there is the cost of setting up and maintaining digital systems. A paper system is cheaper to create. And the reliability, convenience, and simplicity offered by paper make it the most common and convenient method of day-to-day record keeping in the medical industry.

This two-stream system of day-to-day paper charts and forms that are digitized when archived and longer-term digital storage looks like it here to stay for the time being. Our medical shredding services include secure destruction of both paper and digital records.

Document Destruction: How IntelliShred Can Help

IntelliShred is AAA certified with the National Association for Information Destruction (NAID). This assures you of our ability to destroy all documents to 100% unrecoverable using the highest industry standards.

We shred and destroy paper documents, notebooks (including the covers and binders), folders, X-rays, Microfilm and Micro-fiche and a whole lot more. Contact us with your requirements and one of our representatives will be happy to help.

If you are digitizing your patient records and need to destroy paper documents, IntelliShred has you covered. Our mass document destruction services can handle huge quantities of documents quickly. You won’t even need to remove bindings or take them out of cardboard folders or boxes. Our state-of-the-art shredding trucks can handle spiral bound documents and folders before recycling the waste.

For day-to-day record destruction, our regular document destruction service provides you with the ideal solution. We offer security containers for your facility at no cost so that your employees can dispose of papers and products. Then we come to your office at regular, scheduled intervals with one of our shredding trucks. We empty the containers and shred them at your location.

With both services, you can view the entire process on the TV monitor incorporated into our truck. When we’re done, we’ll print you a usage receipt that lets you know how full your containers were.

Digital document destruction

E-Waste and digital storage systems represent an even greater risk to information security than paper files. Vast numbers of records can be stored on tiny devices that are easy to lose or steal (such as flash drives) or on older servers with outdated encryption techniques. If it’s not destroyed correctly, a hard drive with thousands of company files could result in the theft of confidential information.

If you have computers or servers that have reached the end of their life, or flash drives, Cds/DVDs, or hard drives that need to be destroyed, IntelliShred can help. Even if data is encrypted, the method of encryption may now be out of date, and easy to crack. The only sure-fire way of destroying the data is to destroy the medium physically. Unwanted storage devices containing confidential data and information should be destroyed outright.

Once we destroy the data, we can recycle the other components commonly found in e-waste, such as monitors, printers, servers, keyboards, and additional electronic devices.

Get in touch today to see how IntelliShred’s medical shredding services can help your organization run more smoothly and securely.