HIPAA Document Privacy

Under the HIPAA Privacy and Security Rules, covered entities are obliged to observe proper methods of disposing protected health information (PHI), of any form. Appropriate measures of disposal are required to prevent and limit any unauthorized use and access to the information. Furthermore, covered entities handling electronic PHI are required to impose policies and procedures to facilitate the removal, termination and final disposal of PHI in electronic format including the storage media housing the information.