Keep records and claims data out of the wrong hands.
There are a number of regulations that apply to any healthcare entity that electronically processes, stores, transmits, or receives medical records, claims, or remittances (e-PHI). This includes all healthcare providers, insurance companies, and clearing houses.
Here are a few things you need to know about healthcare compliance:
- Data security compliance covers computer hard drives, media, and paper documents.
- All companies must have places designated to maintain privacy across all media through the entire IT lifecycle—from encryption to retention and retirement (destruction).
- Two-key access encryption is required when individually identifiable health information is sent over a public network.
- Storage media that will be physically destroyed must first be degaussed per NSA and DoD standards. Physical destruction consists of bending, mangling, and breaking the unit.
- Storage media that will be repurposed must be eradicated through the use of Secure Erase firmware or via NIST-800-88 certified data eradication protocols.
The CentricsIT suite is customized to the specific market regulations of each vertical. Our Healthcare services include a repurposing/remarketing suite and a versatile onsite data destruction solution. CentricsIT applies NIST 800-88 certified destruction protocols to both spinning and SSD/Flash technologies. Onsite shredding services are also available. Each engagement is governed by a detailed Service Level Agreement and produces a comprehensive subset of deliverables and compliance reports.
Our ITAD suite fully complies with BAN’s e-Steward program, which prohibits landfill disposal or export of electronic waste (non-functional assets and material by-product). As an environmental steward, CentricsIT ensures that all recycled material is processed in accordance with all federal, state, and local regulations.