Disposing of sensitive patient information requires thorough care and consideration. Don’t just toss the documents into the trash or the office shredder—those disposal methods put data at risk of theft. This guide will show you how to dispose of old patient records the right way.
Abide by a Document Retention Schedule
Your facility should have a document retention schedule in place to monitor when documents need disposal. How long your medical facility can hang on to certain documents may vary depending on your location. For example, in Washington, DC, physicians must retain medical records for three years after the designated patient’s last visit. To keep records from piling up and becoming more and more vulnerable as time goes by, securely dispose of them when necessary.
Shred Documents On-Location
We’ll get into the details of finding a reputable data destruction company later on, but one thing you have to take into consideration is the type of service they have available. Always dispose of your patient records at your workplace—don’t let them leave the facility intact. Most shredding services will offer companies the opportunity for onsite or offsite shredding. When disposing of patient records, choose onsite shredding, otherwise known as mobile shredding services. That way, your records can be securely disposed of without ever leaving your office.
Don’t Forget About Digital Records
Obviously, nowadays keeping digital records isn’t uncommon. You need to make sure you take the same level of security with them as you do with physical documents. Not just when it comes to storage, but also when it comes to disposal. When looking for a paper shredding company, inquire about other means of data destruction they offer. For instance, some companies will be able to securely destroy your laptops, CDs, DVDs, and hard drives. Don’t forget about these means of destruction when disposing of old patient records.
Research Data Destruction Companies Before Partnering
You’re going to need to pair with a reputable paper shredding/data destruction company in order to dispose of old patient records correctly. However, before choosing a company to aid in your data destruction, do the proper research ahead of time. Given the nature of this particular type of data destruction, you should make sure you’re putting someone you trust in charge of it. If the company has NAID AAA certification clearly labeled on their website, you can feel comfortable putting your trust in them.
Aside from that factor, you also have to make sure the company offers the right destruction options and prices that fit your needs. Additionally, choose a company that can abide by the shredding/destruction schedule you need to follow for business purposes, whether you require these services daily, weekly, or monthly.
It’s important for workers in medical facilities to understand how to dispose of old patient records the right way. It’s easy for criminals to get ahold of sensitive data if a physician doesn’t know the right methods for retaining and disposing of physical or digital records. However, if you take the right precautions like the ones listed above, you can avoid running into problems like data breaches.