HIPAA Data Security Compliance
HIPAA data security compliance spans computer hard drives, media and paper documents. Each must have its own plan to maintain privacy across the data lifecycle, from encryption through retention to retirement (destruction). Some healthcare entities choose to do their data destruction in-house, while others outsource it to data destruction companies that also serve other governmental agencies.
The following represents some of the newer products available that will allow you to stay in compliance with HIPAA and maintain data privacy throughout the “data lifecycle”:
HIPAA-Compliant Encrypted Hard Drives w/ Key Access
To meet HIPAA regulations, computer hard drives must be NIST-certified with AES hardware encryption and 2 key (only) access to read/write data on the drive.

1 TB 128-bit AES-Encrypted HIPAA-Certified Hard Drive (internal)

1 TB 128-bit AES-Encrypted HIPAA-Certified Hard Drive (external)
HIPAA-Compliant High-Security Paper Shredders
To meet HIPAA regulations, paper shredders must be designated High Security, which means they are NSA / DoD approved to produce “unreconstructible” paper segments.

Fellowes High-Security Cross-Cut Paper Shredder

Dahle High-Security Micro-Cut Paper Shredder
HIPAA-Compliant Hard Disk Destruction
To meet HIPAA regulations, all hard drives and media disks must first be degaussed and then “destroyed” as per NSA / DoD certification. Hard drive destruction involves physical bending, mangling, and breaking of the drive units so that the disks inside cannot possibly be spun up or read from.

