Do state or federal laws set forth a specific manner in which obsolete patients records must be destroyed?
No. The manner selected must protect patient confidentiality. Under HIPAA provisions, it is recommended that obsolete patient records be shredded for disposal. If a service is contracted for this purpose, it is not only wise to verify in writing that the contractor or entity agrees to maintain patient confidentiality but also to require that a written Business Associates Agreement be executed pursuant to HIPAA requirements. It is suggested that providers require that such entities include indemnification and hold harmless language in the contract and/or written agreement.
Related Questions
- What do state and local education agency personnel need to know about federal privacy laws pertaining to education records?
- Do state or federal laws set forth a specific manner in which obsolete patients records must be destroyed?
- Does state or federal law set forth a specific manner in which obsolete patient records must be destroyed?
