You may be wondering if document shredding is something you can handle in-house, without the worry of violating HIPAA laws. Unless you are willing to dedicate a good deal of time, attention, and detail to the shredding of each document, the answer to this question is likely no.
In order to be considered HIPAA compliant, all destroyed documents must be “rendered essentially unreadable, indecipherable, and otherwise cannot be reconstructed.” This is not always accomplished by your standard, personal shredder. If the shredded pieces are large enough, it won’t take much for a determined identity thief to piece them back together out of your trash. In some cases, one large shredded piece may even contain enough personal information to put you at risk of a HIPAA violation.
The Right Shredding Service Will Meet All Security Requirements
The only true way to guarantee your HIPAA compliance is to use a professional shredding service. Hiring an outside company protects your company from any negligence accusations and ensures that all confidential information cannot be pieced back together. For example at Office Shredding, we maintain Secure Cut® capability which cuts paper particles to just 3/8th’s of an inch. Additionally, you should always receive a certificate of destruction after shredding to validate that the service was HIPAA compliant.
What’s more, HIPAA compliance isn’t only an issue for healthcare and medical facilities. Any business that requires access to client or employee healthcare records must also follow these standards. To learn what other legislation holds businesses in different industries to higher security standards, visit our Privacy Legislation page.