FileShred Has The Expert Knowledge, Experience And Resources To Make Your Compliance With The Destruction Of Protected Health Information Easy.
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law in 2009, but was not fully incorporated into practice until 2014. This act strengthens HIPAA regulation. It states that HIPAA covered entities must provide notification in the case of breaches of “unsecured Protected Health Information” (PHI). This regulation also requires covered entities to insure that their vendors also known as business associates fully comply with HIPAA HITECH provisions.
The legislation makes business associates directly responsible to HIPAA’s privacy and security requirements as well as the penalties for violating those requirements. The HITECH Law also requires that in the event of a data breach business associates are required to notify the covered entity that they are servicing.
The federal government has given all state Attorney General’s offices the authority to enforce HIPAA, with a penalty structure with fine amounts ranging from $25,000 to as much as $1.5 million for each individual violation.
Healthcare providers, regardless of size, must implement policies and procedures to ensure PHI is properly safeguarded and not improperly disclosed that includes when they are being disposed of. The rule includes developing a Written Information Protection Plan that all employees are trained on. All employees must also sign a confirmation that they have been trained on the plan. Included in that plan must be the approved destruction method of PHI. Shredding medical documents prior to disposal is an appropriate method of protection of that information. When covered entities hire a vendor for shredding services they are required to enter into a contract known as a Business Associate’s Agreement with the vendor that incorporates the provisions of ARRA/HITECH Regulation.
Here is how FileShred can HELP
- FileShred is NAID AAA Certified which means hiring FileShred makes you compliant with the business associate due diligence requirement.
- FileShred’s owners are CSDS, Certified Secure Destruction Specialist which means we are authorized to help you develop a Written Information Destruction Policy.
- FileShred can provide you with a sample Business Associate’s Agreement (BAA) or sign your BAA as long as it incorporates the necessary provisions required by ARRA/HITECH regulation.
- The HITECH Rule requires you have documented proof of secure destruction of PHI. We provide certificates of destruction of your documents, hard drives, microfilm, micro fiche and other types of recorded media.
Here is how our HITECH Shredding Services works
- FileShred provides One-time or Ongoing HITECH compliant information destruction services that is flexible, reliable, and cost-effective. The frequency of service is up to you.
- With an ongoing shredding service we provide your healthcare facilities with free locking document disposal containers that will protect PHI until they are shredded. The containers are provided in sufficient quantities for your staff to have convenient access to them.
- We offer convenient schedules that suit your needs such as weekly, bi-weekly, every four weeks or monthly.
- We have a fleet of the most advanced shredding trucks in the industry that will come to your location to destroy your protected health information onsite.
- Our Information destruction service staff is well trained, background checked, drug tested, bonded and insured so your PHI is always handled in the most secure and professional way possible.
- Every HITECH service we provide is documented with a work order that demonstrates the chain of custody with the destruction of your PHI.
- We provide you with a Certificate of Destruction for each shredding service we provide. This will verify your patient information was completely and confidentially destroyed in accordance with NAID Certified specification and the HIPAA HITECH Privacy Rule.
We have experienced staff always ready to help you with the secure destruction of your protected healthcare information so give us a call today!