As healthcare organizations decommission information technology, they’re likely to contain patients’ financial or protected health information, and special care is needed in disposing of devices such as desktop and laptop computers, servers, tablets, hard drives, USB “thumb” drives, copiers or any electronic storage devices.
As a result, organizations need to take extreme care—and have a plan—for disposing of devices and storage media, says the Office for Civil Rights of the Department for Health and Human Services. In a recent cybersecurity newsletter, OCR laid out a roadmap to ensure secure disposal of media.
“Devices or media that need to replaced should be decommissioned and disposed of securely to ensure that either the devices or media are destroyed or any confidential or sensitive information stored on such devices or media has been removed,” the OCR guidance states.
Here are OCR’s recommendations for securely handling device and media decommissioning.