Storage units are commonly used by healthcare professionals to store excess records and older files. They can be a great way to economize space or temporarily store records that are in the process of being digitized, however storage facilities used to hold PHI are required to be HIPAA compliant.
However, the security of these units is far from perfect. Last week, a man reported a theft from his unit in Fresno, California. The thieves weren’t after medical records or HIPAA protected health information (PHI)–they stole a priceless racecar along with a motorcycle and two smaller vehicles.
Watch the full report here for more details, as the man recounts how this irreplaceable heirloom–gifted by his grandfather before he died–was stolen from the unit.
What’s worse, the Public Storage facility where his unit was located wasn’t equipped with security cameras. Additionally, the unit shown in the report was secured by a small, single lock that was easily tampered with for the thieves to gain entry. Chances of finding the racecar seem dashed at this point, and that’s fairly telling of the chances you take when utilizing storage facilities.
And when it comes to storing sensitive information, those chances can carry serious risk. In the event of a burglary, stolen PHI and patients’ medical records can account for massively damaging breaches. The Office for Civil Rights (OCR) has levied major HIPAA violation fines in the past for carelessly handling PHI. Utilizing HIPAA compliant data and storage services can help prevent major data breaches.
If a storage facility isn’t equipped with advanced security measures, it’s likely not wise to store any kind of sensitive data there. HIPAA compliant digitizing and data storage services are a significantly more secure alternative to regular storage units. Storage services are considered business associates (BAs) under the HIPAA regulation. Facilities must be totally compliant with the full extent of federal regulation before organizations chose to utilize HIPAA compliant data storage there.
Using a HIPAA compliant cloud storage service is one of the easiest ways to avoid data breaches.